EAT: Move issuer / cti claims to Optional, and assign an OID to the p… (#80)

fdamato · web-flow · commit bf1f60aa0a21 · 2025-11-04T14:20:43.000-08:00
* EAT: Move issuer / cti claims to Optional, and assign an OID to the profile

Signed-off-by: Fabrizio Damato &lt;fabrizio.damato@amd.com&gt;

* EAT: Changed the Scope to Full Profile

Signed-off-by: Fabrizio Damato &lt;fabrizio.damato@amd.com&gt;

---------

Signed-off-by: Fabrizio Damato &lt;fabrizio.damato@amd.com&gt;
diff --git a/specifications/ietf-eat-profile/cddl/ietf_eat_ocp_profile.cddl b/specifications/ietf-eat-profile/cddl/ietf_eat_ocp_profile.cddl
@@ -1,32 +1,26 @@
 cwt-eat = {
   ; Mandatory Claims
 
-  ; Issuer claim is StringOrURI (tstr) (Mandatory)
-  &(iss : 1) => tstr
-
-  ; CTI claim for token uniqueness (Mandatory)
-  &(cti : 7) => bstr .size (8..64)
-
   ; Nonce claim is nonce-type = bstr .size (8..64) (Mandatory)
   &(Nonce : 10) => bstr .size (8..64)
 
   ; Debug status claim (Mandatory) // dbgstat-type is defined in https://datatracker.ietf.org/doc/rfc9711/
   &(dbgstat : 263) => dbgstat-type
 
     ; The EAT Profile for OCP OID (Mandatory) // eat-profile is defined in https://datatracker.ietf.org/doc/rfc9711/
-  &(EAT Profile : 265 ) => ~oid ; TODO: OCP Security to assign a value - note: `~` strips CBOR tag #6.111(oid) from `oid`
+  &(EAT Profile : 265 ) => ~oid ; 1.3.6.1.4.1.42623.1.3 - note: `~` strips CBOR tag #6.111(oid) from `oid`
 
   ; EAT measurements (Mandatory)
   &(Measurements : 273) => measurements-type
 
   ; Optional Claims
 
-  ; CoRIM Locator Map (Optional) // corim-locator-map is defined in https://datatracker.ietf.org/doc/draft-ietf-rats-corim/
-  ? &(rim-locators : -70001) => [ + corim-locator-map]
-  
-  ; DLOA claim (Optional) // dloa-type is defined in https://datatracker.ietf.org/doc/rfc9711/
-  ? &(dloas : 269) => [ + dloa-type ]
+  ; Issuer claim is StringOrURI (tstr) (Optional)
+  &(iss : 1) => tstr
 
+  ; CTI claim for token uniqueness (Optional)
+  &(cti : 7) => bstr .size (8..64)
+ 
   ; UEID claim (Optional)
   ? &(ueid : 256) => bstr .size (7..33)
 
@@ -48,6 +42,12 @@ cwt-eat = {
   ; Boot seed claim (Optional)
   ? &(bootseed : 268) => bstr .size (32..64)
 
+  ; DLOA claim (Optional) // dloa-type is defined in https://datatracker.ietf.org/doc/rfc9711/
+  ? &(dloas : 269) => [ + dloa-type ]
+
+  ; CoRIM Locator Map (Optional) // corim-locator-map is defined in https://datatracker.ietf.org/doc/draft-ietf-rats-corim/
+  ? &(rim-locators : -70001) => [ + corim-locator-map]
+
   ; Private Claims (up to 5, must be < -65536 per RFC 8392)
   * $$private-claims => any
 }
@@ -66,9 +66,9 @@ measurements-format = [
 ]
 coap-content-format = uint .le 65535
 
-signed-cwt = #6.18(COSE-Sign1-concise-evidence)
+signed-cwt = #6.18(COSE-Sign1-cwt-eat)
 
-COSE-Sign1-concise-evidence = [
+COSE-Sign1-cwt-eat = [
   protected: bstr .cbor protected-ce-header-map
   unprotected: unprotected-ce-header-map
   payload: bstr .cbor cwt-eat
diff --git a/specifications/ietf-eat-profile/spec.ocp b/specifications/ietf-eat-profile/spec.ocp
@@ -38,6 +38,7 @@ The Contributors of this Specification would like to acknowledge the following:
 - Jason Young (Google)
 - Jeff Andersen (Google)
 - Ned Smith (Intel)
+- Parvathi Bhogaraju (Microsoft)
 - Roksana Golizadeh Mojarad (Microsoft)
 - Raghu Krishnamurthy (NVIDIA)
 - Steven Bellock (NVIDIA)
@@ -90,6 +91,13 @@ accelerators. By providing a unified approach, the specification aims to
 simplify and streamline the attestation and verification process within complex
 and heterogeneous environments.
 
+## Profile Identifier
+
+**OID: 1.3.6.1.4.1.42623.1.3**
+
+This Object Identifier (OID) uniquely identifies this OCP Profile for IETF Entity Attestation Token. The OID **MUST** be included in the **eat_profile** claim (claim key 265, encoded as `0x190109`) within every CWT that conforms to this specification.
+
+
 ## Terms and Definitions
 
 - **CWT**: CBOR Web Token
@@ -126,8 +134,8 @@ accommodate.
 ## Scope
 
 This profile defines the evidence format for an Attester Endpoint Application.
-With respect to RFC 9711, it is a partial profile, as it allows the integrator
-to choose the algorithm to use for signing the statement. It is application
+With respect to RFC 9711, it is a full profile, as it specifies the mandatory
+cryptographic algorithm that must be used for signing the statement. It is application
 layer agnostic, supporting implementations such as an SPDM Responder or any
 other custom solution. The profile focuses solely on the evidence related to
 the claims gathered by the Attester Application. Consequently, it does not
@@ -162,33 +170,33 @@ Specifically, the keys in the CWT map **MUST** be sorted in the bytewise
 lexicographic order of their deterministic encodings. This ordering convention
 applies to mandatory claims, optional claims, and private claims when present.
 
-**Mandatory Claims (1-6)**: These claims are **REQUIRED** for all attestations
+**Mandatory Claims (1-4)**: These claims are **REQUIRED** for all attestations
 and provide the minimum necessary information for verifier appraisal policies.  The verifier
 can expect at a minimum these claims in a compliant attestation:
 
-1. **issuer**  (claim key: 1, encoded as 0x01)
-    * This claim is used by the attester to bind the EAT to the certificate chain that issued it. It **SHALL** match the SUBJECT Common Name of the Attestation Key Certificate.
-
-2. **cti**  (claim key: 7, encoded as 0x07)
-    * This claim is used by the attester to establish uniqueness of the token. Refer to [@{ietf-rfc8392}] for acceptable values for this claim
-
-3. **Nonce**  (claim key: 10, encoded as 0x0a)
+1. **Nonce**  (claim key: 10, encoded as 0x0a)
     * This claim is used by the attester to ensure the freshness of the response. Refer to [@{ietf-rfc9711}] for acceptable values for this claim
 
-4. **dbgstat** (claim key: 263, encoded as 0x190107)
+2. **dbgstat** (claim key: 263, encoded as 0x190107)
     * This claim is used by the attester to determine whether the attester is in Debug mode. Refer to [@{ietf-rfc9711}] for acceptable values for this claim
 
-5. **EAT Profile** (claim key: 265, encoded as 0x190109)
-    * This claim is used by the attester to identify the profile. It **MUST** be present and **SHALL** contain the OID assigned to the OCP Profile. **TODO: OCP to assign OID Value**
+3. **EAT Profile** (claim key: 265, encoded as 0x190109)
+    * This claim is used by the attester to identify the profile. It **MUST** be present and **SHALL** contain the OID `1.3.6.1.4.1.42623.1.3` assigned to the OCP Profile.
 
-6. **Measurements** (claim key: 273, encoded as 0x190111)
+4. **Measurements** (claim key: 273, encoded as 0x190111)
     * This claim is used by the attester to present the target environment claims that verifier will consume for the appraisal policy. It **MUST** be present and **SHALL** encapsulate a "concise-evidence" as a serialized CBOR byte string using the appropriate IANA media type.
 
-**Optional Claims (7-14)**: These claims are **OPTIONAL** and provide additional
+**Optional Claims (5-15)**: These claims are **OPTIONAL** and provide additional
 platform information that may be useful for audit purposes but are not strictly
 necessary for appraisal policies. These claims are typically non-verifiable and
 serve informational purposes:
 
+5. **issuer**  (claim key: 1, encoded as 0x01)
+    * This claim is used by the attester to bind the EAT to the certificate chain that issued it. It **SHALL** match the SUBJECT Common Name of the Attestation Key Certificate.
+
+6. **cti**  (claim key: 7, encoded as 0x07)
+    * This claim is used by the attester to establish uniqueness of the token. Refer to [@{ietf-rfc8392}] for acceptable values for this claim
+
 7. **ueid** (claim key: 256, encoded as 0x190100)
     * This claim is used by the attester to identify the attester. If present, refer to [@{ietf-rfc9711}] for acceptable values for this claim
 
@@ -241,7 +249,7 @@ size constraints apply:
 * Each text string value in any claim **SHOULD NOT** exceed 100 bytes
 
 **Appraisal Policy Considerations**: For verifier appraisal policies, the
-mandatory claims (1-6) **SHALL** be sufficient to establish the security
+mandatory claims (1-4) **SHALL** be sufficient to establish the security
 posture of the attesting platform. Optional claims provide supplementary
 information that enhances visibility into platform state and configuration but
 are not critical for basic attestation verification. Verifiers **MAY** choose
@@ -287,7 +295,7 @@ algorithm for the COSE_Sign1 signature:
 * **Signature Size**: 96 bytes
 * **Public Key Size**: 97 bytes (uncompressed point)
 * **Private Key Size**: 48 bytes
-* **Profile OID**: **TODO: OCP to assign OID for ECDSA-P384 profile**
+* **Profile OID**: 1.3.6.1.4.1.42623.1.3
 
 ### Size Implications
 
