Hi all,We have published the updated version of expat draft for discussion at SEAT. Those who have read the older version [0], the changes are:
1. Expanded security considerations, in particular added security guarantees 2. Added privacy considerations 3. Corrected Figure 1We acknowledge Ekr for his review of [0]. Unfortunately, we could not satisfactorily address all the comments. That is to say, issue [1] is still open and we will continue to work on it as a priority as we get better understanding from the formal analysis.
Ionut will shortly announce the other draft. We welcome any feedback.[0] https://datatracker.ietf.org/doc/draft-fossati-tls-exported-attestation/02/
[1] https://github.com/tls-attestation/exported-attestation/issues/23 -------- Forwarded Message -------- Subject: New Version Notification for draft-fossati-seat-expat-00.txt Date: Mon, 20 Oct 2025 11:21:23 -0700 From: [email protected]To: Tirumaleswar Reddy.K <[email protected]>, Hannes Tschofenig <[email protected]>, Ionut Mihalcea <[email protected]>, Muhammad Sardar <[email protected]>, Muhammad Usama Sardar <[email protected]>, Thomas Fossati <[email protected]>, Tirumaleswar Reddy <[email protected]>, Yaron Sheffer <[email protected]>
A new version of Internet-Draft draft-fossati-seat-expat-00.txt has been successfully submitted by Ionut Mihalcea and posted to the IETF repository. Name: draft-fossati-seat-expat Revision: 00 Title: Remote Attestation with Exported Authenticators Date: 2025-10-20 Group: Individual Submission Pages: 18 URL: https://www.ietf.org/archive/id/draft-fossati-seat-expat-00.txt Status: https://datatracker.ietf.org/doc/draft-fossati-seat-expat/ HTML: https://www.ietf.org/archive/id/draft-fossati-seat-expat-00.html HTMLized: https://datatracker.ietf.org/doc/html/draft-fossati-seat-expat Abstract: This specification defines a method for two parties in a communication interaction to exchange Evidence and Attestation Results using exported authenticators, as defined in [RFC9261]. Additionally, it introduces the cmw_attestation extension, which allows attestation credentials to be included directly in the Certificate message sent during the Exported Authenticator-based post-handshake authentication. The approach supports both the passport and background check models from the RATS architecture while ensuring that attestation remains bound to the underlying communication channel. The IETF Secretariat
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ TLS mailing list -- [email protected] To unsubscribe send an email to [email protected]
