| rfc9683v3.txt | rfc9683.txt | |||
|---|---|---|---|---|
| skipping to change at line 151 ¶ | skipping to change at line 151 ¶ | |||
| Additionally, this document defines the following term: | Additionally, this document defines the following term: | |||
| Attestation: The process of generating, conveying, and appraising | Attestation: The process of generating, conveying, and appraising | |||
| claims, backed by evidence, about device trustworthiness | claims, backed by evidence, about device trustworthiness | |||
| characteristics, including supply chain trust, identity, device | characteristics, including supply chain trust, identity, device | |||
| provenance, software configuration, device composition, compliance | provenance, software configuration, device composition, compliance | |||
| to test suites, functional and assurance evaluations, etc. | to test suites, functional and assurance evaluations, etc. | |||
| The goal of attestation is simply to assure an administrator or | The goal of attestation is simply to assure an administrator or | |||
| auditor that the device's configuration and software are authentic | auditor that the device's configuration and software are authentic | |||
| and has been unaltered since the device started. The determination | and were unmodified since the device started. The determination of | |||
| of software authenticity is not prescribed in this document, but it's | software authenticity is not prescribed in this document, but it's | |||
| typically taken to mean a software image generated by an authority | typically taken to mean a software image generated by an authority | |||
| trusted by the administrator, such as the device manufacturer. | trusted by the administrator, such as the device manufacturer. | |||
| Within the context of the Trusted Computing Group (TCG), the scope of | Within the context of the Trusted Computing Group (TCG), the scope of | |||
| attestation is typically narrowed to describe the process by which an | attestation is typically narrowed to describe the process by which an | |||
| independent Verifier can obtain cryptographic proof as to the | independent Verifier can obtain cryptographic proof as to the | |||
| identity of the device in question, evidence of the integrity of the | identity of the device in question, evidence of the integrity of the | |||
| device's software that was loaded upon startup, and verification that | device's software that was loaded upon startup, and verification that | |||
| the current configuration matches the intended configuration. For | the current configuration matches the intended configuration. For | |||
| network equipment, a Verifier capability can be embedded in a Network | network equipment, a Verifier capability can be embedded in a Network | |||
| End of changes. 1 change blocks. | ||||
| 2 lines changed or deleted | 2 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. | ||||