rfc9782.original.xml   rfc9782.xml 
<?xml version='1.0' encoding='utf-8'?> <?xml version='1.0' encoding='utf-8'?>
<!DOCTYPE rfc [ <rfc xmlns:xi="http://www.w3.org/2001/XInclude" version="3" ipr="trust200902" do
<!ENTITY nbsp "&#160;"> cName="draft-ietf-rats-eat-media-type-12" number="9782" category="std" consensus
<!ENTITY zwsp "&#8203;"> ="true" submissionType="IETF" tocInclude="true" sortRefs="true" symRefs="true" x
<!ENTITY nbhy "&#8209;"> ml:lang="en" updates="" obsoletes="" prepTime="2025-05-27T19:14:10" indexInclude
<!ENTITY wj "&#8288;"> ="true" scripts="Common,Latin" tocDepth="3">
]> <link href="https://datatracker.ietf.org/doc/draft-ietf-rats-eat-media-type-12
<?xml-stylesheet type="text/xsl" href="rfc2629.xslt" ?> " rel="prev"/>
<!-- generated by https://github.com/cabo/kramdown-rfc version 1.7.20 (Ruby 3.3. <link href="https://dx.doi.org/10.17487/rfc9782" rel="alternate"/>
3) --> <link href="urn:issn:2070-1721" rel="alternate"/>
<rfc xmlns:xi="http://www.w3.org/2001/XInclude" ipr="trust200902" docName="draft
-ietf-rats-eat-media-type-12" category="std" consensus="true" submissionType="IE
TF" tocInclude="true" sortRefs="true" symRefs="true" version="3">
<!-- xml2rfc v2v3 conversion 3.24.0 -->
<front> <front>
<title abbrev="EAT Media Types">EAT Media Types</title> <title abbrev="EAT Media Types">Entity Attestation Token (EAT) Media Types</
<seriesInfo name="Internet-Draft" value="draft-ietf-rats-eat-media-type-12"/ title>
> <seriesInfo name="RFC" value="9782" stream="IETF"/>
<author initials="L." surname="Lundblade" fullname="Laurence Lundblade"> <author initials="L." surname="Lundblade" fullname="Laurence Lundblade">
<organization>Security Theory LLC</organization> <organization showOnFrontPage="true">Security Theory LLC</organization>
<address> <address>
<email>lgl@securitytheory.com</email> <email>lgl@securitytheory.com</email>
</address> </address>
</author> </author>
<author initials="H." surname="Birkholz" fullname="Henk Birkholz"> <author initials="H." surname="Birkholz" fullname="Henk Birkholz">
<organization abbrev="Fraunhofer SIT">Fraunhofer Institute for Secure Info rmation Technology</organization> <organization abbrev="Fraunhofer SIT" showOnFrontPage="true">Fraunhofer In stitute for Secure Information Technology</organization>
<address> <address>
<postal> <postal>
<street>Rheinstrasse 75</street> <street>Rheinstrasse 75</street>
<city>Darmstadt</city> <city>Darmstadt</city>
<code>64295</code> <code>64295</code>
<country>Germany</country> <country>Germany</country>
</postal> </postal>
<email>henk.birkholz@ietf.contact</email> <email>henk.birkholz@ietf.contact</email>
</address> </address>
</author> </author>
<author initials="T." surname="Fossati" fullname="Thomas Fossati"> <author initials="T." surname="Fossati" fullname="Thomas Fossati">
<organization>Linaro</organization> <organization showOnFrontPage="true">Linaro</organization>
<address> <address>
<email>thomas.fossati@linaro.org</email> <email>thomas.fossati@linaro.org</email>
</address> </address>
</author> </author>
<date year="2024" month="November" day="03"/> <date month="05" year="2025"/>
<area>Security</area> <area>SEC</area>
<workgroup>Remote ATtestation ProcedureS</workgroup> <workgroup>rats</workgroup>
<keyword>EAT, media type</keyword> <keyword>EAT</keyword>
<abstract> <keyword>media type</keyword>
<?line 56?> <abstract pn="section-abstract">
<t indent="0" pn="section-abstract-1">The payloads used in Remote ATtestat
<t>Payloads used in Remote Attestation Procedures may require an associated medi ion procedureS (RATS) may require an
a associated media type for their conveyance, for example, when the payloads are
type for their conveyance, for example when used in RESTful APIs.</t> used in RESTful APIs.</t>
<t>This memo defines media types to be used for Entity Attestation Tokens <t indent="0" pn="section-abstract-2">This memo defines media types to be
(EAT).</t> used for Entity Attestation Tokens (EATs).</t>
</abstract> </abstract>
<note removeInRFC="true"> <boilerplate>
<name>Discussion Venues</name> <section anchor="status-of-memo" numbered="false" removeInRFC="false" toc=
<t>Discussion of this document takes place on the "exclude" pn="section-boilerplate.1">
Remote ATtestation ProcedureS Working Group mailing list (rats@ietf.org), <name slugifiedName="name-status-of-this-memo">Status of This Memo</name
which is archived at <eref target="https://mailarchive.ietf.org/arch/browse/ >
rats/"/>.</t> <t indent="0" pn="section-boilerplate.1-1">
<t>Source for this draft and an issue tracker can be found at This is an Internet Standards Track document.
<eref target="https://github.com/thomas-fossati/draft-eat-mt"/>.</t> </t>
</note> <t indent="0" pn="section-boilerplate.1-2">
This document is a product of the Internet Engineering Task Force
(IETF). It represents the consensus of the IETF community. It has
received public review and has been approved for publication by
the Internet Engineering Steering Group (IESG). Further
information on Internet Standards is available in Section 2 of
RFC 7841.
</t>
<t indent="0" pn="section-boilerplate.1-3">
Information about the current status of this document, any
errata, and how to provide feedback on it may be obtained at
<eref target="https://www.rfc-editor.org/info/rfc9782" brackets="non
e"/>.
</t>
</section>
<section anchor="copyright" numbered="false" removeInRFC="false" toc="excl
ude" pn="section-boilerplate.2">
<name slugifiedName="name-copyright-notice">Copyright Notice</name>
<t indent="0" pn="section-boilerplate.2-1">
Copyright (c) 2025 IETF Trust and the persons identified as the
document authors. All rights reserved.
</t>
<t indent="0" pn="section-boilerplate.2-2">
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(<eref target="https://trustee.ietf.org/license-info" brackets="none
"/>) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with
respect to this document. Code Components extracted from this
document must include Revised BSD License text as described in
Section 4.e of the Trust Legal Provisions and are provided without
warranty as described in the Revised BSD License.
</t>
</section>
</boilerplate>
<toc>
<section anchor="toc" numbered="false" removeInRFC="false" toc="exclude" p
n="section-toc.1">
<name slugifiedName="name-table-of-contents">Table of Contents</name>
<ul bare="true" empty="true" indent="2" spacing="compact" pn="section-to
c.1-1">
<li pn="section-toc.1-1.1">
<t indent="0" keepWithNext="true" pn="section-toc.1-1.1.1"><xref der
ivedContent="1" format="counter" sectionFormat="of" target="section-1"/>.  <xref
derivedContent="" format="title" sectionFormat="of" target="name-introduction">
Introduction</xref></t>
<ul bare="true" empty="true" indent="2" spacing="compact" pn="sectio
n-toc.1-1.1.2">
<li pn="section-toc.1-1.1.2.1">
<t indent="0" keepWithNext="true" pn="section-toc.1-1.1.2.1.1"><
xref derivedContent="1.1" format="counter" sectionFormat="of" target="section-1.
1"/>.  <xref derivedContent="" format="title" sectionFormat="of" target="name-te
rminology">Terminology</xref></t>
</li>
</ul>
</li>
<li pn="section-toc.1-1.2">
<t indent="0" keepWithNext="true" pn="section-toc.1-1.2.1"><xref der
ivedContent="2" format="counter" sectionFormat="of" target="section-2"/>.  <xref
derivedContent="" format="title" sectionFormat="of" target="name-eat-types">EAT
Types</xref></t>
</li>
<li pn="section-toc.1-1.3">
<t indent="0" pn="section-toc.1-1.3.1"><xref derivedContent="3" form
at="counter" sectionFormat="of" target="section-3"/>.  <xref derivedContent="" f
ormat="title" sectionFormat="of" target="name-a-media-type-parameter-for-">A Med
ia Type Parameter for EAT Profiles</xref></t>
</li>
<li pn="section-toc.1-1.4">
<t indent="0" pn="section-toc.1-1.4.1"><xref derivedContent="4" form
at="counter" sectionFormat="of" target="section-4"/>.  <xref derivedContent="" f
ormat="title" sectionFormat="of" target="name-examples">Examples</xref></t>
</li>
<li pn="section-toc.1-1.5">
<t indent="0" pn="section-toc.1-1.5.1"><xref derivedContent="5" form
at="counter" sectionFormat="of" target="section-5"/>.  <xref derivedContent="" f
ormat="title" sectionFormat="of" target="name-security-considerations">Security
Considerations</xref></t>
</li>
<li pn="section-toc.1-1.6">
<t indent="0" pn="section-toc.1-1.6.1"><xref derivedContent="6" form
at="counter" sectionFormat="of" target="section-6"/>.  <xref derivedContent="" f
ormat="title" sectionFormat="of" target="name-iana-considerations">IANA Consider
ations</xref></t>
<ul bare="true" empty="true" indent="2" spacing="compact" pn="sectio
n-toc.1-1.6.2">
<li pn="section-toc.1-1.6.2.1">
<t indent="0" pn="section-toc.1-1.6.2.1.1"><xref derivedContent=
"6.1" format="counter" sectionFormat="of" target="section-6.1"/>.  <xref derived
Content="" format="title" sectionFormat="of" target="name-cwt-structured-syntax-
suffi"><tt>+cwt</tt> Structured Syntax Suffix</xref></t>
<ul bare="true" empty="true" indent="2" spacing="compact" pn="se
ction-toc.1-1.6.2.1.2">
<li pn="section-toc.1-1.6.2.1.2.1">
<t indent="0" pn="section-toc.1-1.6.2.1.2.1.1"><xref derived
Content="6.1.1" format="counter" sectionFormat="of" target="section-6.1.1"/>.  <
xref derivedContent="" format="title" sectionFormat="of" target="name-registry-c
ontents">Registry Contents</xref></t>
</li>
</ul>
</li>
<li pn="section-toc.1-1.6.2.2">
<t indent="0" pn="section-toc.1-1.6.2.2.1"><xref derivedContent=
"6.2" format="counter" sectionFormat="of" target="section-6.2"/>.  <xref derived
Content="" format="title" sectionFormat="of" target="name-media-types">Media Typ
es</xref></t>
</li>
<li pn="section-toc.1-1.6.2.3">
<t indent="0" pn="section-toc.1-1.6.2.3.1"><xref derivedContent=
"6.3" format="counter" sectionFormat="of" target="section-6.3"/>.  <xref derived
Content="" format="title" sectionFormat="of" target="name-application-eatcwt-reg
istra">application/eat+cwt Registration</xref></t>
</li>
<li pn="section-toc.1-1.6.2.4">
<t indent="0" pn="section-toc.1-1.6.2.4.1"><xref derivedContent=
"6.4" format="counter" sectionFormat="of" target="section-6.4"/>.  <xref derived
Content="" format="title" sectionFormat="of" target="name-application-eatjwt-reg
istra">application/eat+jwt Registration</xref></t>
</li>
<li pn="section-toc.1-1.6.2.5">
<t indent="0" pn="section-toc.1-1.6.2.5.1"><xref derivedContent=
"6.5" format="counter" sectionFormat="of" target="section-6.5"/>.  <xref derived
Content="" format="title" sectionFormat="of" target="name-application-eat-buncbo
r-reg">application/eat-bun+cbor Registration</xref></t>
</li>
<li pn="section-toc.1-1.6.2.6">
<t indent="0" pn="section-toc.1-1.6.2.6.1"><xref derivedContent=
"6.6" format="counter" sectionFormat="of" target="section-6.6"/>.  <xref derived
Content="" format="title" sectionFormat="of" target="name-application-eat-bunjso
n-reg">application/eat-bun+json Registration</xref></t>
</li>
<li pn="section-toc.1-1.6.2.7">
<t indent="0" pn="section-toc.1-1.6.2.7.1"><xref derivedContent=
"6.7" format="counter" sectionFormat="of" target="section-6.7"/>.  <xref derived
Content="" format="title" sectionFormat="of" target="name-application-eat-ucscbo
r-reg">application/eat-ucs+cbor Registration</xref></t>
</li>
<li pn="section-toc.1-1.6.2.8">
<t indent="0" pn="section-toc.1-1.6.2.8.1"><xref derivedContent=
"6.8" format="counter" sectionFormat="of" target="section-6.8"/>.  <xref derived
Content="" format="title" sectionFormat="of" target="name-application-eat-ucsjso
n-reg">application/eat-ucs+json Registration</xref></t>
</li>
<li pn="section-toc.1-1.6.2.9">
<t indent="0" pn="section-toc.1-1.6.2.9.1"><xref derivedContent=
"6.9" format="counter" sectionFormat="of" target="section-6.9"/>.  <xref derived
Content="" format="title" sectionFormat="of" target="name-coap-content-format-re
gistr">CoAP Content-Format Registrations</xref></t>
</li>
</ul>
</li>
<li pn="section-toc.1-1.7">
<t indent="0" pn="section-toc.1-1.7.1"><xref derivedContent="7" form
at="counter" sectionFormat="of" target="section-7"/>.  <xref derivedContent="" f
ormat="title" sectionFormat="of" target="name-references">References</xref></t>
<ul bare="true" empty="true" indent="2" spacing="compact" pn="sectio
n-toc.1-1.7.2">
<li pn="section-toc.1-1.7.2.1">
<t indent="0" pn="section-toc.1-1.7.2.1.1"><xref derivedContent=
"7.1" format="counter" sectionFormat="of" target="section-7.1"/>.  <xref derived
Content="" format="title" sectionFormat="of" target="name-normative-references">
Normative References</xref></t>
</li>
<li pn="section-toc.1-1.7.2.2">
<t indent="0" pn="section-toc.1-1.7.2.2.1"><xref derivedContent=
"7.2" format="counter" sectionFormat="of" target="section-7.2"/>.  <xref derived
Content="" format="title" sectionFormat="of" target="name-informative-references
">Informative References</xref></t>
</li>
</ul>
</li>
<li pn="section-toc.1-1.8">
<t indent="0" pn="section-toc.1-1.8.1"><xref derivedContent="" forma
t="none" sectionFormat="of" target="section-appendix.a"/><xref derivedContent=""
format="title" sectionFormat="of" target="name-acknowledgments">Acknowledgments
</xref></t>
</li>
<li pn="section-toc.1-1.9">
<t indent="0" pn="section-toc.1-1.9.1"><xref derivedContent="" forma
t="none" sectionFormat="of" target="section-appendix.b"/><xref derivedContent=""
format="title" sectionFormat="of" target="name-authors-addresses">Authors' Addr
esses</xref></t>
</li>
</ul>
</section>
</toc>
</front> </front>
<middle> <middle>
<?line 63?> <section anchor="introduction" numbered="true" removeInRFC="false" toc="incl
ude" pn="section-1">
<section anchor="introduction"> <name slugifiedName="name-introduction">Introduction</name>
<name>Introduction</name> <t indent="0" pn="section-1-1">Payloads used in Remote ATtestation procedu
<t>Payloads used in Remote Attestation Procedures <xref target="RATS-Arch" reS (RATS) <xref target="RFC9334" format="default" sectionFormat="of" derivedCon
/> may require an tent="RATS-ARCH"/> may require an
associated media type for their conveyance, for example when used in RESTful associated media type for their conveyance, for example, when used in RESTful
APIs (<xref target="fig-api-sd"/>).</t> APIs (<xref target="fig-api-sd" format="default" sectionFormat="of" derivedConte
<figure anchor="fig-api-sd"> nt="Figure 1"/>).</t>
<name>Conveying RATS conceptual messages in REST APIs using EAT</name> <figure anchor="fig-api-sd" align="left" suppress-title="false" pn="figure
<artset> -1">
<artwork type="svg" align="center"><svg xmlns="http://www.w3.org/2000/ <name slugifiedName="name-conveying-rats-conceptual-m">Conveying RATS Co
svg" version="1.1" height="288" width="512" viewBox="0 0 512 288" class="diagram nceptual Messages in REST APIs Using EATs</name>
" text-anchor="middle" font-family="monospace" font-size="13px" stroke-linecap=" <artset pn="section-1-2.1">
round"> <artwork type="svg" align="center" pn="section-1-2.1.1"><svg xmlns="ht
tp://www.w3.org/2000/svg" version="1.1" height="288" width="512" viewBox="0 0 51
2 288" class="diagram" text-anchor="middle" font-family="monospace" font-size="1
3px" stroke-linecap="round">
<path d="M 8,32 L 8,64" fill="none" stroke="black"/> <path d="M 8,32 L 8,64" fill="none" stroke="black"/>
<path d="M 24,64 L 24,272" fill="none" stroke="black"/> <path d="M 24,64 L 24,272" fill="none" stroke="black"/>
<path d="M 136,32 L 136,64" fill="none" stroke="black"/> <path d="M 136,32 L 136,64" fill="none" stroke="black"/>
<path d="M 216,32 L 216,64" fill="none" stroke="black"/> <path d="M 216,32 L 216,64" fill="none" stroke="black"/>
<path d="M 256,64 L 256,272" fill="none" stroke="black"/> <path d="M 256,64 L 256,272" fill="none" stroke="black"/>
<path d="M 304,32 L 304,64" fill="none" stroke="black"/> <path d="M 304,32 L 304,64" fill="none" stroke="black"/>
<path d="M 416,32 L 416,64" fill="none" stroke="black"/> <path d="M 416,32 L 416,64" fill="none" stroke="black"/>
<path d="M 488,64 L 488,272" fill="none" stroke="black"/> <path d="M 488,64 L 488,272" fill="none" stroke="black"/>
<path d="M 504,32 L 504,64" fill="none" stroke="black"/> <path d="M 504,32 L 504,64" fill="none" stroke="black"/>
<path d="M 8,32 L 136,32" fill="none" stroke="black"/> <path d="M 8,32 L 136,32" fill="none" stroke="black"/>
skipping to change at line 115 skipping to change at line 219
<text x="444" y="148">Results)</text> <text x="444" y="148">Results)</text>
<text x="180" y="180">POST</text> <text x="180" y="180">POST</text>
<text x="224" y="180">/auth</text> <text x="224" y="180">/auth</text>
<text x="112" y="196">EAT(Attestation</text> <text x="112" y="196">EAT(Attestation</text>
<text x="212" y="196">Results)</text> <text x="212" y="196">Results)</text>
<text x="48" y="228">201</text> <text x="48" y="228">201</text>
<text x="96" y="228">Created</text> <text x="96" y="228">Created</text>
</g> </g>
</svg> </svg>
</artwork> </artwork>
<artwork type="ascii-art" align="center"><![CDATA[ <artwork type="ascii-art" align="center" pn="section-1-2.1.2">
.---------------. .----------. .----------. .---------------. .----------. .----------.
| Relying Party | | Attester | | Verifier | | Relying Party | | Attester | | Verifier |
'-+-------------' '----+-----' '--------+-' '-+-------------' '----+-----' '--------+-'
| | POST /verify | | | POST /verify |
| | EAT(Evidence) | | | EAT(Evidence) |
| +--------------------------->| | +---------------------------&gt;|
| | 200 OK | | | 200 OK |
| | EAT(Attestation Results) | | | EAT(Attestation Results) |
| |<---------------------------+ | |&lt;---------------------------+
| POST /auth | | | POST /auth | |
| EAT(Attestation Results) | | | EAT(Attestation Results) | |
|<---------------------------+ | |&lt;---------------------------+ |
| 201 Created | | | 201 Created | |
+--------------------------->| | +---------------------------&gt;| |
| | | | | |
| | | | | |
]]></artwork> </artwork>
</artset> </artset>
</figure> </figure>
<t>This memo defines media types to be used for Entity Attestation Token ( <t indent="0" pn="section-1-3">This memo defines media types to be used fo
EAT) r EAT
<xref target="EAT"/> payloads independently of the RATS Conceptual Message in wh payloads <xref target="RFC9711" format="default" sectionFormat="of" derivedConte
ich they nt="EAT"/> independently of the RATS Conceptual Message in which they
manifest themselves. The objective is to give protocol, API and application manifest themselves. The objective is to give protocol, API, and application
designers a number of readily available and reusable media types for designers a number of readily available and reusable media types for
integrating EAT-based messages in their flows, for example when using HTTP integrating EAT-based messages in their flows, e.g., when using HTTP
<xref target="BUILD-W-HTTP"/> or CoAP <xref target="REST-IoT"/>.</t> <xref target="BCP56" format="default" sectionFormat="of" derivedContent="BUILD-W
<section anchor="requirements-language"> -HTTP"/> or the Constrained Application Protocol (CoAP) <xref target="I-D.irtf-t
<name>Requirements Language</name> 2trg-rest-iot" format="default" sectionFormat="of" derivedContent="REST-IoT"/>.<
<t>This document uses the terms and concepts defined in <xref target="RA /t>
TS-Arch"/>.</t> <section anchor="terminology" numbered="true" removeInRFC="false" toc="inc
lude" pn="section-1.1">
<name slugifiedName="name-terminology">Terminology</name>
<t indent="0" pn="section-1.1-1">This document uses the terms and concep
ts defined in <xref target="RFC9334" format="default" sectionFormat="of" derived
Content="RATS-ARCH"/>.</t>
</section> </section>
</section> </section>
<section anchor="eat-types"> <section anchor="eat-types" numbered="true" removeInRFC="false" toc="include
<name>EAT Types</name> " pn="section-2">
<t><xref target="fig-eat-types"/> illustrates the six EAT wire formats and <name slugifiedName="name-eat-types">EAT Types</name>
how they relate to <t indent="0" pn="section-2-1"><xref target="fig-eat-types" format="defaul
each other. <xref target="EAT"/> defines four of them (CWT, JWT and Detached EA t" sectionFormat="of" derivedContent="Figure 2"/> illustrates the six EAT wire f
T Bundle in ormats and how they relate to
its JSON and CBOR flavours), whilst <xref target="UCCS"/> defines UCCS and UJCS. each other. <xref target="RFC9711" format="default" sectionFormat="of" derivedC
</t> ontent="EAT"/> defines four of them (CBOR Web Token (CWT), JSON Web Token (JWT),
<figure anchor="fig-eat-types"> and the detached EAT bundle in
<name>EAT Types</name> its JSON and CBOR flavours), while <xref target="RFC9781" format="default" secti
<artset> onFormat="of" derivedContent="UCCS"/> defines the Unprotected CWT Claims Set (UC
<artwork type="svg" align="center"><svg xmlns="http://www.w3.org/2000/ CS) and Unprotected JWT Claims Sets (UJCS).</t>
svg" version="1.1" height="544" width="520" viewBox="0 0 520 544" class="diagram <figure anchor="fig-eat-types" align="left" suppress-title="false" pn="fig
" text-anchor="middle" font-family="monospace" font-size="13px" stroke-linecap=" ure-2">
round"> <name slugifiedName="name-eat-types-2">EAT Types</name>
<artset pn="section-2-2.1">
<artwork type="svg" align="center" pn="section-2-2.1.1"><svg xmlns="ht
tp://www.w3.org/2000/svg" version="1.1" height="544" width="520" viewBox="0 0 52
0 544" class="diagram" text-anchor="middle" font-family="monospace" font-size="1
3px" stroke-linecap="round">
<path d="M 8,432 L 8,464" fill="none" stroke="black"/> <path d="M 8,432 L 8,464" fill="none" stroke="black"/>
<path d="M 72,64 L 72,424" fill="none" stroke="black"/> <path d="M 72,64 L 72,424" fill="none" stroke="black"/>
<path d="M 120,48 L 120,64" fill="none" stroke="black"/> <path d="M 120,48 L 120,64" fill="none" stroke="black"/>
<path d="M 120,112 L 120,128" fill="none" stroke="black"/> <path d="M 120,112 L 120,128" fill="none" stroke="black"/>
<path d="M 120,176 L 120,192" fill="none" stroke="black"/> <path d="M 120,176 L 120,192" fill="none" stroke="black"/>
<path d="M 120,240 L 120,256" fill="none" stroke="black"/> <path d="M 120,240 L 120,256" fill="none" stroke="black"/>
<path d="M 120,304 L 120,320" fill="none" stroke="black"/> <path d="M 120,304 L 120,320" fill="none" stroke="black"/>
<path d="M 120,368 L 120,384" fill="none" stroke="black"/> <path d="M 120,368 L 120,384" fill="none" stroke="black"/>
<path d="M 128,432 L 128,464" fill="none" stroke="black"/> <path d="M 128,432 L 128,464" fill="none" stroke="black"/>
<path d="M 176,32 L 176,48" fill="none" stroke="black"/> <path d="M 176,32 L 176,48" fill="none" stroke="black"/>
skipping to change at line 305 skipping to change at line 409
<text x="152" y="180">JWT</text> <text x="152" y="180">JWT</text>
<text x="260" y="212">Crypto</text> <text x="260" y="212">Crypto</text>
<text x="152" y="244">CWT</text> <text x="152" y="244">CWT</text>
<text x="388" y="276">Claims-Set</text> <text x="388" y="276">Claims-Set</text>
<text x="152" y="308">BUN-J</text> <text x="152" y="308">BUN-J</text>
<text x="260" y="340">Bundle</text> <text x="260" y="340">Bundle</text>
<text x="476" y="340">Digest</text> <text x="476" y="340">Digest</text>
<text x="152" y="372">BUN-C</text> <text x="152" y="372">BUN-C</text>
<text x="388" y="388">submod</text> <text x="388" y="388">submod</text>
<text x="68" y="452">Nested-Token</text> <text x="68" y="452">Nested-Token</text>
<text x="76" y="516">Legenda:</text> <text x="76" y="516">Legend:</text>
<text x="168" y="516">Process</text> <text x="168" y="516">Process</text>
<text x="268" y="516">Wire</text> <text x="268" y="516">Wire</text>
<text x="304" y="516">Fmt</text> <text x="304" y="516">Fmt</text>
<text x="388" y="516">CDDL</text> <text x="388" y="516">CDDL</text>
</g> </g>
</svg> </svg>
</artwork> </artwork>
<artwork type="ascii-art" align="center"><![CDATA[ <artwork type="ascii-art" align="center" pn="section-2-2.1.2">
.-----. .-----.
.----+ UJCS |<-------------------------. .----+ UJCS |&lt;-------------------------.
| '-----' | | '-----' |
| | | |
| .-----. | | .-----. |
+-----+ UCCS |<-----------------------. | +-----+ UCCS |&lt;-----------------------. |
| '-----' | | | '-----' | |
| | | | | |
| .------. | | | .------. | |
+-----+ JWT |<------. | | +-----+ JWT |&lt;------. | |
| '------' .--+---. | | | '------' .--+---. | |
| | Crypto |<------. | | | | Crypto |&lt;------. | |
| .------. '--+---' | | | | .------. '--+---' | | |
+-----+ CWT |<------' | | | +-----+ CWT |&lt;------' | | |
| '------' .---+-+-+----. | '------' .---+-+-+----.
| | Claims-Set +--. | | Claims-Set +--.
| .------. '---+---+----' | | .------. '---+---+----' |
+-----+ BUN-J |<------. | ^ | v +-----+ BUN-J |&lt;------. | ^ | v
| '------' .--+---. | | | .------. | '------' .--+---. | | | .------.
| | Bundle |<------' | | | Digest | | | Bundle |&lt;------' | | | Digest |
| .------. '--+---' | v '--+---' | .------. '--+---' | v '--+---'
+-----+ BUN-C |<------' ^ .---+----. | +-----+ BUN-C |&lt;------' ^ .---+----. |
| '------' | | submod |<---' | '------' | | submod |&lt;---'
| | '--------' | | '--------'
v | ^ v | ^
.--------------. | | .--------------. | |
| Nested-Token +-----------------+------------' | Nested-Token +-----------------+------------'
'--------------' '--------------'
.-------. .---------. .------. .-------. .---------. .------.
Legenda: | Process | | Wire Fmt | | CDDL | Legend: | Process | | Wire Fmt | | CDDL |
'-------' '---------' '------' '-------' '---------' '------'
]]></artwork> </artwork>
</artset> </artset>
</figure> </figure>
</section> </section>
<section anchor="a-media-type-parameter-for-eat-profiles"> <section anchor="a-media-type-parameter-for-eat-profiles" numbered="true" re
<name>A Media Type Parameter for EAT Profiles</name> moveInRFC="false" toc="include" pn="section-3">
<t>EAT is an open and flexible format. To improve interoperability, <xref <name slugifiedName="name-a-media-type-parameter-for-">A Media Type Parame
section="6" sectionFormat="of" target="EAT"/> defines the concept of EAT profil ter for EAT Profiles</name>
es. Profiles are used to constrain <t indent="0" pn="section-3-1">EAT is an open and flexible format. To imp
rove interoperability, <xref section="6" sectionFormat="of" target="RFC9711" for
mat="default" derivedLink="https://rfc-editor.org/rfc/rfc9711#section-6" derived
Content="EAT"/> defines the concept of EAT profiles. Profiles are used to const
rain
the parameters that producers and consumers of a specific EAT profile need to the parameters that producers and consumers of a specific EAT profile need to
understand in order to interoperate. For example: the number and type of understand in order to interoperate, e.g., the number and type of
claims, which serialisation format, the supported signature schemes, etc. EATs claims, which serialisation format, the supported signature schemes, etc. EATs
carry an in-band profile identifier using the <tt>eat_profile</tt> claim (see carry an in-band profile identifier using the "eat_profile" claim (see
<xref section="4.3.2" sectionFormat="of" target="EAT"/>). The value of the <tt> <xref section="4.3.2" sectionFormat="of" target="RFC9711" format="default" deriv
eat_profile</tt> claim is either an edLink="https://rfc-editor.org/rfc/rfc9711#section-4.3.2" derivedContent="EAT"/>
). The value of the "eat_profile" claim is either an
OID or a URI.</t> OID or a URI.</t>
<t>The media types defined in this document include an optional <tt>eat_pr <t indent="0" pn="section-3-2">The media types defined in this document in
ofile</tt> clude an optional "eat_profile"
parameter that can be used to mirror the <tt>eat_profile</tt> claim of the trans parameter that can be used to mirror the "eat_profile" claim of the transported
ported
EAT. Exposing the EAT profile at the API layer allows API routers to dispatch EAT. Exposing the EAT profile at the API layer allows API routers to dispatch
payloads directly to the profile-specific processor without having to snoop payloads directly to the profile-specific processor without having to snoop
into the request bodies. This design also provides a finer-grained and into the request bodies. This design also provides a finer-grained and
scalable type system that matches the inherent extensibility of EAT. The scalable type system that matches the inherent extensibility of EAT. The
expectation being that a certain EAT profile automatically obtains a media type expectation being that a certain EAT profile automatically obtains a media type
derived from the base (e.g., <tt>application/eat+cwt)</tt> by populating the derived from the base (e.g., <tt>application/eat+cwt</tt>) by populating the
<tt>eat_profile</tt> parameter with the corresponding OID or URL.</t> "eat_profile" parameter with the corresponding OID or URL.</t>
<t>When the parameterised version of the EAT media type is used in HTTP (f <t indent="0" pn="section-3-3">When the parameterised version of the EAT m
or edia type is used in HTTP (for
example, with the "Content-Type" and "Accept" headers), and the value is an example, with the "Content-Type" and "Accept" headers) and the value is an
absolute URI (<xref section="4.3" sectionFormat="of" target="URI"/>), the <tt>pa absolute URI (<xref section="4.3" sectionFormat="of" target="RFC3986" format="de
rameter-value</tt> (<xref section="A" sectionFormat="of" target="HTTP"/>) uses t fault" derivedLink="https://rfc-editor.org/rfc/rfc3986#section-4.3" derivedConte
he <tt>quoted-string</tt> encoding, e.g.:</t> nt="URI"/>), the <tt>parameter-value</tt> (<xref section="A" sectionFormat="of"
<ul empty="true"> target="RFC9110" format="default" derivedLink="https://rfc-editor.org/rfc/rfc911
<li> 0#appendix-A" derivedContent="HTTP"/>) uses the <tt>quoted-string</tt> encoding,
<t><tt>application/eat+jwt; eat_profile="tag:evidence.example,2022"</t for example:</t>
t></t> <t indent="5" pn="section-3-4"><tt>application/eat+jwt; eat_profile="tag:e
</li> vidence.example,2022"</tt></t>
</ul> <t indent="0" pn="section-3-5">Instead, when the EAT profile is an OID, th
<t>Instead, when the EAT profile is an OID, the <tt>token</tt> encoding (i e <tt>token</tt> encoding
.e., without (i.e., without quotes) can be used. For example:</t>
quotes) can be used, e.g.:</t> <t indent="5" pn="section-3-6"><tt>application/eat+cwt; eat_profile=2.999.
<ul empty="true"> 1</tt>.</t>
<li>
<t><tt>application/eat+cwt; eat_profile=2.999.1</tt>.</t>
</li>
</ul>
</section> </section>
<section anchor="examples"> <section anchor="examples" numbered="true" removeInRFC="false" toc="include"
<name>Examples</name> pn="section-4">
<t>The example in <xref target="fig-rest-req"/> illustrates the usage of E <name slugifiedName="name-examples">Examples</name>
AT media types for <t indent="0" pn="section-4-1">The example in <xref target="fig-rest-req"
format="default" sectionFormat="of" derivedContent="Figure 3"/> illustrates the
usage of EAT media types for
transporting attestation evidence as well as negotiating the acceptable format transporting attestation evidence as well as negotiating the acceptable format
of the attestation result.</t> of the attestation result.</t>
<figure anchor="fig-rest-req"> <figure anchor="fig-rest-req" align="left" suppress-title="false" pn="figu
<name>Example REST Verification API (request)</name> re-3">
<sourcecode type="http-message"><![CDATA[ <name slugifiedName="name-example-rest-verification-a">Example REST Veri
# NOTE: '\' line wrapping per RFC 8792 fication API (request)</name>
<sourcecode type="http-message" markers="false" pn="section-4-2.1">
NOTE: '\' line wrapping per RFC 8792
POST /challenge-response/v1/session/1234567890 HTTP/1.1 POST /challenge-response/v1/session/1234567890 HTTP/1.1
Host: verifier.example Host: verifier.example
Accept: application/eat+cwt; eat_profile="tag:ar4si.example,2021" Accept: application/eat+cwt; eat_profile="tag:ar4si.example,2021"
Content-Type: application/eat+cwt; \ Content-Type: application/eat+cwt; \
eat_profile="tag:evidence.example,2022" eat_profile="tag:evidence.example,2022"
[ CBOR-encoded EAT w/ eat_profile="tag:evidence.example,2022" ] [ CBOR-encoded EAT w/ eat_profile="tag:evidence.example,2022" ]
]]></sourcecode> </sourcecode>
</figure> </figure>
<t>The example in <xref target="fig-rest-rsp"/> illustrates the usage of E AT media types for <t indent="0" pn="section-4-3">The example in <xref target="fig-rest-rsp" format="default" sectionFormat="of" derivedContent="Figure 4"/> illustrates the usage of EAT media types for
transporting attestation results.</t> transporting attestation results.</t>
<figure anchor="fig-rest-rsp"> <figure anchor="fig-rest-rsp" align="left" suppress-title="false" pn="figu
<name>Example REST Verification API (response)</name> re-4">
<sourcecode type="http-message"><![CDATA[ <name slugifiedName="name-example-rest-verification-ap">Example REST Ver
# NOTE: '\' line wrapping per RFC 8792 ification API (response)</name>
<sourcecode type="http-message" markers="false" pn="section-4-4.1">
NOTE: '\' line wrapping per RFC 8792
HTTP/1.1 200 OK HTTP/1.1 200 OK
Content-Type: application/eat+cwt; \ Content-Type: application/eat+cwt; \
eat_profile="tag:ar4si.example,2021" eat_profile="tag:ar4si.example,2021"
[ CBOR-encoded EAT w/ eat_profile="tag:ar4si.example,2021" ] [ CBOR-encoded EAT w/ eat_profile="tag:ar4si.example,2021" ]
]]></sourcecode> </sourcecode>
</figure> </figure>
<t>In both cases, a tag URI <xref target="TAG"/> identifying the profile i s carried as an <t indent="0" pn="section-4-5">In both cases, a tag URI <xref target="RFC4 151" format="default" sectionFormat="of" derivedContent="TAG"/> identifying the profile is carried as an
explicit parameter.</t> explicit parameter.</t>
</section> </section>
<section anchor="seccons"> <section anchor="seccons" numbered="true" removeInRFC="false" toc="include"
<name>Security Considerations</name> pn="section-5">
<t>Media types only provide clues to the processing application. The appli <name slugifiedName="name-security-considerations">Security Considerations
cation </name>
<t indent="0" pn="section-5-1">Media types only provide clues to the proce
ssing application. The application
must verify that the received data matches the expected format, regardless of must verify that the received data matches the expected format, regardless of
the advertised media type, and stop further processing on failure. Failing to the advertised media type, and stop further processing on failure. Failing to
do so could expose the user to security risks, such as privilege escalation do so could expose the user to security risks, such as privilege escalation
and cross-protocol attacks.</t> and cross-protocol attacks.</t>
<t>The security consideration of <xref target="EAT"/> and <xref target="UC <t indent="0" pn="section-5-2">The security considerations of <xref target
CS"/> apply in full.</t> ="RFC9711" format="default" sectionFormat="of" derivedContent="EAT"/> and <xref
<t>In particular, when using <tt>application/eat-ucs+json</tt> and <tt>app target="RFC9781" format="default" sectionFormat="of" derivedContent="UCCS"/> app
lication/eat-ucs+cbor</tt> the reader should review <xref section="3" sectionFor ly in full.</t>
mat="of" target="UCCS"/>, which contains a detailed discussion about the charact <t indent="0" pn="section-5-3">When using <tt>application/eat-ucs+json</tt
eristics of a "Secure Channel" for conveyance of such messages.</t> > and <tt>application/eat-ucs+cbor</tt> in particular, the reader should review
<xref section="3" sectionFormat="of" target="RFC9781" format="default" derivedLi
nk="https://rfc-editor.org/rfc/rfc9781#section-3" derivedContent="UCCS"/>, which
contains a detailed discussion about the characteristics of a "Secure Channel"
for conveyance of such messages.</t>
</section> </section>
<section anchor="iana-considerations"> <section anchor="iana-considerations" numbered="true" removeInRFC="false" to
<name>IANA Considerations</name> c="include" pn="section-6">
<t><cref anchor="to-be-removed">RFC Editor: please replace RFCthis with th <name slugifiedName="name-iana-considerations">IANA Considerations</name>
is RFC number and remove this note.</cref></t> <section anchor="cwt-structured-syntax-suffix" numbered="true" removeInRFC
<section anchor="cwt-structured-syntax-suffix"> ="false" toc="include" pn="section-6.1">
<name><tt>+cwt</tt> Structured Syntax Suffix</name> <name slugifiedName="name-cwt-structured-syntax-suffi"><tt>+cwt</tt> Str
<t>IANA is requested to register the <tt>+cwt</tt> structured syntax suf uctured Syntax Suffix</name>
fix in the <t indent="0" pn="section-6.1-1">IANA has registered <tt>+cwt</tt> in th
"Structured Syntax Suffixes" registry <xref target="IANA.media-type-structured-s e
uffix"/> in "Structured Syntax Suffixes" registry <xref target="STRUCT-SYNTAX" format="defau
the manner described in <xref target="MediaTypes"/>, which can be used to indica lt" sectionFormat="of" derivedContent="STRUCT-SYNTAX"/> in
te that the the manner described in <xref target="RFC6838" format="default" sectionFormat="o
f" derivedContent="MEDIATYPES"/>. <tt>+cwt</tt> can be used to indicate that th
e
media type is encoded as a CWT.</t> media type is encoded as a CWT.</t>
<section anchor="registry-contents"> <section anchor="registry-contents" numbered="true" removeInRFC="false"
<name>Registry Contents</name> toc="include" pn="section-6.1.1">
<dl spacing="compact"> <name slugifiedName="name-registry-contents">Registry Contents</name>
<dt>Name:</dt> <dl spacing="normal" newline="false" indent="3" pn="section-6.1.1-1">
<dd> <dt pn="section-6.1.1-1.1">Name:</dt>
<t>CBOR Web Token (CWT)</t> <dd pn="section-6.1.1-1.2">
<t indent="0" pn="section-6.1.1-1.2.1">CBOR Web Token (CWT)</t>
</dd> </dd>
<dt>+suffix:</dt> <dt pn="section-6.1.1-1.3">+suffix:</dt>
<dd> <dd pn="section-6.1.1-1.4">
<t>+cwt</t> <t indent="0" pn="section-6.1.1-1.4.1"><tt>+cwt</tt></t>
</dd> </dd>
<dt>References:</dt> <dt pn="section-6.1.1-1.5">References:</dt>
<dd> <dd pn="section-6.1.1-1.6">
<t><xref target="CWT"/></t> <t indent="0" pn="section-6.1.1-1.6.1"><xref target="RFC8392" form
at="default" sectionFormat="of" derivedContent="CWT"/></t>
</dd> </dd>
<dt>Encoding Considerations:</dt> <dt pn="section-6.1.1-1.7">Encoding Considerations:</dt>
<dd> <dd pn="section-6.1.1-1.8">
<t>binary</t> <t indent="0" pn="section-6.1.1-1.8.1">binary</t>
</dd> </dd>
<dt>Interoperability Considerations:</dt> <dt pn="section-6.1.1-1.9">Interoperability Considerations:</dt>
<dd> <dd pn="section-6.1.1-1.10">
<t>N/A</t> <t indent="0" pn="section-6.1.1-1.10.1">N/A</t>
</dd> </dd>
<dt>Fragment Identifier Considerations:</dt> <dt pn="section-6.1.1-1.11">Fragment Identifier Considerations:</dt>
<dd> <dd pn="section-6.1.1-1.12">
<t>The syntax and semantics of fragment identifiers specified for <t indent="0" pn="section-6.1.1-1.12.1">The syntax and semantics o
+cwt SHOULD be f fragment identifiers specified for <tt>+cwt</tt> SHOULD be
as specified for <tt>application/cwt</tt>. (At publication of this document, th as specified for <tt>application/cwt</tt>. (At the time of publication, there
ere
is no fragment identification syntax defined for <tt>application/cwt</tt>.)</t> is no fragment identification syntax defined for <tt>application/cwt</tt>.)</t>
</dd> </dd>
<dt>Security Considerations:</dt> <dt pn="section-6.1.1-1.13">Security Considerations:</dt>
<dd> <dd pn="section-6.1.1-1.14">
<t>See <xref section="8" sectionFormat="of" target="CWT"/></t> <t indent="0" pn="section-6.1.1-1.14.1">See <xref section="8" sect
ionFormat="of" target="RFC8392" format="default" derivedLink="https://rfc-editor
.org/rfc/rfc8392#section-8" derivedContent="CWT"/></t>
</dd> </dd>
<dt>Contact:</dt> <dt pn="section-6.1.1-1.15">Contact:</dt>
<dd> <dd pn="section-6.1.1-1.16">
<t>RATS WG mailing list (rats@ietf.org), or IETF Security Area (sa <t indent="0" pn="section-6.1.1-1.16.1">RATS WG mailing list (rats
ag@ietf.org)</t> @ietf.org), or IETF Security Area (saag@ietf.org)</t>
</dd> </dd>
<dt>Author/Change Controller:</dt> <dt pn="section-6.1.1-1.17">Author/Change Controller:</dt>
<dd> <dd pn="section-6.1.1-1.18">
<t>Remote ATtestation ProcedureS (RATS) Working Group. <t indent="0" pn="section-6.1.1-1.18.1">Remote ATtestation Procedu
reS (RATS) Working Group.
The IETF has change control over this registration.</t> The IETF has change control over this registration.</t>
</dd> </dd>
</dl> </dl>
</section> </section>
</section> </section>
<section anchor="media-type"> <section anchor="media-type" numbered="true" removeInRFC="false" toc="incl
<name>Media Types</name> ude" pn="section-6.2">
<t>IANA is requested to add the following media types to the <name slugifiedName="name-media-types">Media Types</name>
"Media Types" registry <xref target="IANA.media-types"/>.</t> <t indent="0" pn="section-6.2-1">IANA has registered the following media
<table align="left" anchor="new-media-type"> types in the
<name>New Media Types</name> "Media Types" registry <xref target="MEDIA-TYPES" format="default" sectionFormat
="of" derivedContent="MEDIA-TYPES"/>.</t>
<table align="center" anchor="new-media-type" pn="table-1">
<name slugifiedName="name-new-media-types">New Media Types</name>
<thead> <thead>
<tr> <tr>
<th align="left">Name</th> <th align="left" colspan="1" rowspan="1">Name</th>
<th align="left">Template</th> <th align="left" colspan="1" rowspan="1">Template</th>
<th align="left">Reference</th> <th align="left" colspan="1" rowspan="1">Reference</th>
</tr> </tr>
</thead> </thead>
<tbody> <tbody>
<tr> <tr>
<td align="left">EAT CWT</td> <td align="left" colspan="1" rowspan="1">EAT CWT</td>
<td align="left">application/eat+cwt</td> <td align="left" colspan="1" rowspan="1">application/eat+cwt</td>
<td align="left">RFCthis, <xref target="media-type-eat-cwt"/></td> <td align="left" colspan="1" rowspan="1">RFC 9782, <xref target="m
edia-type-eat-cwt" format="default" sectionFormat="of" derivedContent="Section 6
.3"/></td>
</tr> </tr>
<tr> <tr>
<td align="left">EAT JWT</td> <td align="left" colspan="1" rowspan="1">EAT JWT</td>
<td align="left">application/eat+jwt</td> <td align="left" colspan="1" rowspan="1">application/eat+jwt</td>
<td align="left">RFCthis, <xref target="media-type-eat-jwt"/></td> <td align="left" colspan="1" rowspan="1">RFC 9782, <xref target="m
edia-type-eat-jwt" format="default" sectionFormat="of" derivedContent="Section 6
.4"/></td>
</tr> </tr>
<tr> <tr>
<td align="left">Detached EAT Bundle CBOR</td> <td align="left" colspan="1" rowspan="1">Detached EAT Bundle CBOR<
<td align="left">application/eat-bun+cbor</td> /td>
<td align="left">RFCthis, <xref target="media-type-deb-cbor"/></td <td align="left" colspan="1" rowspan="1">application/eat-bun+cbor<
> /td>
<td align="left" colspan="1" rowspan="1">RFC 9782, <xref target="m
edia-type-deb-cbor" format="default" sectionFormat="of" derivedContent="Section
6.5"/></td>
</tr> </tr>
<tr> <tr>
<td align="left">Detached EAT Bundle JSON</td> <td align="left" colspan="1" rowspan="1">Detached EAT Bundle JSON<
<td align="left">application/eat-bun+json</td> /td>
<td align="left">RFCthis, <xref target="media-type-deb-json"/></td <td align="left" colspan="1" rowspan="1">application/eat-bun+json<
> /td>
<td align="left" colspan="1" rowspan="1">RFC 9782, <xref target="m
edia-type-deb-json" format="default" sectionFormat="of" derivedContent="Section
6.6"/></td>
</tr> </tr>
<tr> <tr>
<td align="left">EAT UCCS</td> <td align="left" colspan="1" rowspan="1">EAT UCCS</td>
<td align="left">application/eat-ucs+cbor</td> <td align="left" colspan="1" rowspan="1">application/eat-ucs+cbor<
<td align="left">RFCthis, <xref target="media-type-ucs-cbor"/></td /td>
> <td align="left" colspan="1" rowspan="1">RFC 9782, <xref target="m
edia-type-ucs-cbor" format="default" sectionFormat="of" derivedContent="Section
6.7"/></td>
</tr> </tr>
<tr> <tr>
<td align="left">EAT UJCS</td> <td align="left" colspan="1" rowspan="1">EAT UJCS</td>
<td align="left">application/eat-ucs+json</td> <td align="left" colspan="1" rowspan="1">application/eat-ucs+json<
<td align="left">RFCthis, <xref target="media-type-ucs-json"/></td /td>
> <td align="left" colspan="1" rowspan="1">RFC 9782, <xref target="m
edia-type-ucs-json" format="default" sectionFormat="of" derivedContent="Section
6.8"/></td>
</tr> </tr>
</tbody> </tbody>
</table> </table>
</section> </section>
<section anchor="media-type-eat-cwt"> <section anchor="media-type-eat-cwt" numbered="true" removeInRFC="false" t
<name>application/eat+cwt Registration</name> oc="include" pn="section-6.3">
<dl spacing="compact"> <name slugifiedName="name-application-eatcwt-registra">application/eat+c
<dt>Type name:</dt> wt Registration</name>
<dd> <dl spacing="normal" newline="false" indent="3" pn="section-6.3-1">
<t>application</t> <dt pn="section-6.3-1.1">Type name:</dt>
<dd pn="section-6.3-1.2">
<t indent="0" pn="section-6.3-1.2.1">application</t>
</dd> </dd>
<dt>Subtype name:</dt> <dt pn="section-6.3-1.3">Subtype name:</dt>
<dd> <dd pn="section-6.3-1.4">
<t>eat+cwt</t> <t indent="0" pn="section-6.3-1.4.1">eat+cwt</t>
</dd> </dd>
<dt>Required parameters:</dt> <dt pn="section-6.3-1.5">Required parameters:</dt>
<dd> <dd pn="section-6.3-1.6">
<t>n/a</t> <t indent="0" pn="section-6.3-1.6.1">N/A</t>
</dd> </dd>
<dt>Optional parameters:</dt> <dt pn="section-6.3-1.7">Optional parameters:</dt>
<dd> <dd pn="section-6.3-1.8">
<t>"eat_profile" (EAT profile in string format. OIDs must use the <t indent="0" pn="section-6.3-1.8.1">"eat_profile" (EAT profile in s
dotted-decimal notation. The parameter value is case-insensitive.)</t> tring format. OIDs must use the
dotted-decimal notation. The parameter value is case insensitive.)</t>
</dd> </dd>
<dt>Encoding considerations:</dt> <dt pn="section-6.3-1.9">Encoding considerations:</dt>
<dd> <dd pn="section-6.3-1.10">
<t>binary</t> <t indent="0" pn="section-6.3-1.10.1">binary</t>
</dd> </dd>
<dt>Security considerations:</dt> <dt pn="section-6.3-1.11">Security considerations:</dt>
<dd> <dd pn="section-6.3-1.12">
<t><xref section="9" sectionFormat="of" target="EAT"/></t> <t indent="0" pn="section-6.3-1.12.1"><xref section="9" sectionForma
t="of" target="RFC9711" format="default" derivedLink="https://rfc-editor.org/rfc
/rfc9711#section-9" derivedContent="EAT"/></t>
</dd> </dd>
<dt>Interoperability considerations:</dt> <dt pn="section-6.3-1.13">Interoperability considerations:</dt>
<dd> <dd pn="section-6.3-1.14">
<t>n/a</t> <t indent="0" pn="section-6.3-1.14.1">N/A</t>
</dd> </dd>
<dt>Published specification:</dt> <dt pn="section-6.3-1.15">Published specification:</dt>
<dd> <dd pn="section-6.3-1.16">
<t>RFCthis</t> <t indent="0" pn="section-6.3-1.16.1">RFC 9782</t>
</dd> </dd>
<dt>Applications that use this media type:</dt> <dt pn="section-6.3-1.17">Applications that use this media type:</dt>
<dd> <dd pn="section-6.3-1.18">
<t>Attesters, Verifiers, Endorsers and Reference-Value providers, Re <t indent="0" pn="section-6.3-1.18.1">Attesters, Verifiers, Endorser
lying s and Reference-Value providers, and Relying
Parties that need to transfer EAT payloads over HTTP(S), CoAP(S), and other Parties that need to transfer EAT payloads over HTTP(S), CoAP(S), and other
transports.</t> transports.</t>
</dd> </dd>
<dt>Fragment identifier considerations:</dt> <dt pn="section-6.3-1.19">Fragment identifier considerations:</dt>
<dd> <dd pn="section-6.3-1.20">
<t>n/a</t> <t indent="0" pn="section-6.3-1.20.1">N/A</t>
</dd> </dd>
<dt>Person &amp; email address to contact for further information:</dt <dt pn="section-6.3-1.21">Person &amp; email address to contact for fu
> rther information:</dt>
<dd> <dd pn="section-6.3-1.22">
<t>RATS WG mailing list (rats@ietf.org)</t> <t indent="0" pn="section-6.3-1.22.1">RATS WG mailing list (rats@iet
f.org)</t>
</dd> </dd>
<dt>Intended usage:</dt> <dt pn="section-6.3-1.23">Intended usage:</dt>
<dd> <dd pn="section-6.3-1.24">
<t>COMMON</t> <t indent="0" pn="section-6.3-1.24.1">COMMON</t>
</dd> </dd>
<dt>Restrictions on usage:</dt> <dt pn="section-6.3-1.25">Restrictions on usage:</dt>
<dd> <dd pn="section-6.3-1.26">
<t>none</t> <t indent="0" pn="section-6.3-1.26.1">none</t>
</dd> </dd>
<dt>Author/Change controller:</dt> <dt pn="section-6.3-1.27">Author/Change controller:</dt>
<dd> <dd pn="section-6.3-1.28">
<t>IETF</t> <t indent="0" pn="section-6.3-1.28.1">IETF</t>
</dd> </dd>
<dt>Provisional registration:</dt> <dt pn="section-6.3-1.29">Provisional registration:</dt>
<dd> <dd pn="section-6.3-1.30">
<t>no</t> <t indent="0" pn="section-6.3-1.30.1">no</t>
</dd> </dd>
</dl> </dl>
</section> </section>
<section anchor="media-type-eat-jwt"> <section anchor="media-type-eat-jwt" numbered="true" removeInRFC="false" t
<name>application/eat+jwt Registration</name> oc="include" pn="section-6.4">
<dl spacing="compact"> <name slugifiedName="name-application-eatjwt-registra">application/eat+j
<dt>Type name:</dt> wt Registration</name>
<dd> <dl spacing="normal" newline="false" indent="3" pn="section-6.4-1">
<t>application</t> <dt pn="section-6.4-1.1">Type name:</dt>
<dd pn="section-6.4-1.2">
<t indent="0" pn="section-6.4-1.2.1">application</t>
</dd> </dd>
<dt>Subtype name:</dt> <dt pn="section-6.4-1.3">Subtype name:</dt>
<dd> <dd pn="section-6.4-1.4">
<t>eat+jwt</t> <t indent="0" pn="section-6.4-1.4.1">eat+jwt</t>
</dd> </dd>
<dt>Required parameters:</dt> <dt pn="section-6.4-1.5">Required parameters:</dt>
<dd> <dd pn="section-6.4-1.6">
<t>n/a</t> <t indent="0" pn="section-6.4-1.6.1">N/A</t>
</dd> </dd>
<dt>Optional parameters:</dt> <dt pn="section-6.4-1.7">Optional parameters:</dt>
<dd> <dd pn="section-6.4-1.8">
<t>"eat_profile" (EAT profile in string format. OIDs must use the <t indent="0" pn="section-6.4-1.8.1">"eat_profile" (EAT profile in s
dotted-decimal notation. The parameter value is case-insensitive.)</t> tring format. OIDs must use the
dotted-decimal notation. The parameter value is case insensitive.)</t>
</dd> </dd>
<dt>Encoding considerations:</dt> <dt pn="section-6.4-1.9">Encoding considerations:</dt>
<dd> <dd pn="section-6.4-1.10">
<t>8bit</t> <t indent="0" pn="section-6.4-1.10.1">8bit</t>
</dd> </dd>
<dt>Security considerations:</dt> <dt pn="section-6.4-1.11">Security considerations:</dt>
<dd> <dd pn="section-6.4-1.12">
<t><xref section="9" sectionFormat="of" target="EAT"/> and <xref tar <t indent="0" pn="section-6.4-1.12.1"><xref section="9" sectionForma
get="BCP225"/></t> t="of" target="RFC9711" format="default" derivedLink="https://rfc-editor.org/rfc
/rfc9711#section-9" derivedContent="EAT"/> and <xref target="BCP225" format="def
ault" sectionFormat="of" derivedContent="BCP225"/></t>
</dd> </dd>
<dt>Interoperability considerations:</dt> <dt pn="section-6.4-1.13">Interoperability considerations:</dt>
<dd> <dd pn="section-6.4-1.14">
<t>n/a</t> <t indent="0" pn="section-6.4-1.14.1">N/A</t>
</dd> </dd>
<dt>Published specification:</dt> <dt pn="section-6.4-1.15">Published specification:</dt>
<dd> <dd pn="section-6.4-1.16">
<t>RFCthis</t> <t indent="0" pn="section-6.4-1.16.1">RFC 9782</t>
</dd> </dd>
<dt>Applications that use this media type</dt> <dt pn="section-6.4-1.17">Applications that use this media type:</dt>
<dd> <dd pn="section-6.4-1.18">
<t>Attesters, Verifiers, Endorsers and Reference-Value providers, Re <t indent="0" pn="section-6.4-1.18.1">Attesters, Verifiers, Endorser
lying s and Reference-Value providers, and Relying
Parties that need to transfer EAT payloads over HTTP(S), CoAP(S), and other Parties that need to transfer EAT payloads over HTTP(S), CoAP(S), and other
transports.</t> transports.</t>
</dd> </dd>
<dt>Fragment identifier considerations:</dt> <dt pn="section-6.4-1.19">Fragment identifier considerations:</dt>
<dd> <dd pn="section-6.4-1.20">
<t>n/a</t> <t indent="0" pn="section-6.4-1.20.1">N/A</t>
</dd> </dd>
<dt>Person &amp; email address to contact for further information:</dt <dt pn="section-6.4-1.21">Person &amp; email address to contact for fu
> rther information:</dt>
<dd> <dd pn="section-6.4-1.22">
<t>RATS WG mailing list (rats@ietf.org)</t> <t indent="0" pn="section-6.4-1.22.1">RATS WG mailing list (rats@iet
f.org)</t>
</dd> </dd>
<dt>Intended usage:</dt> <dt pn="section-6.4-1.23">Intended usage:</dt>
<dd> <dd pn="section-6.4-1.24">
<t>COMMON</t> <t indent="0" pn="section-6.4-1.24.1">COMMON</t>
</dd> </dd>
<dt>Restrictions on usage:</dt> <dt pn="section-6.4-1.25">Restrictions on usage:</dt>
<dd> <dd pn="section-6.4-1.26">
<t>none</t> <t indent="0" pn="section-6.4-1.26.1">none</t>
</dd> </dd>
<dt>Author/Change controller:</dt> <dt pn="section-6.4-1.27">Author/Change controller:</dt>
<dd> <dd pn="section-6.4-1.28">
<t>IETF</t> <t indent="0" pn="section-6.4-1.28.1">IETF</t>
</dd> </dd>
<dt>Provisional registration:</dt> <dt pn="section-6.4-1.29">Provisional registration:</dt>
<dd> <dd pn="section-6.4-1.30">
<t>no</t> <t indent="0" pn="section-6.4-1.30.1">no</t>
</dd> </dd>
</dl> </dl>
</section> </section>
<section anchor="media-type-deb-cbor"> <section anchor="media-type-deb-cbor" numbered="true" removeInRFC="false"
<name>application/eat-bun+cbor Registration</name> toc="include" pn="section-6.5">
<dl spacing="compact"> <name slugifiedName="name-application-eat-buncbor-reg">application/eat-b
<dt>Type name:</dt> un+cbor Registration</name>
<dd> <dl spacing="normal" newline="false" indent="3" pn="section-6.5-1">
<t>application</t> <dt pn="section-6.5-1.1">Type name:</dt>
<dd pn="section-6.5-1.2">
<t indent="0" pn="section-6.5-1.2.1">application</t>
</dd> </dd>
<dt>Subtype name:</dt> <dt pn="section-6.5-1.3">Subtype name:</dt>
<dd> <dd pn="section-6.5-1.4">
<t>eat-bun+cbor</t> <t indent="0" pn="section-6.5-1.4.1">eat-bun+cbor</t>
</dd> </dd>
<dt>Required parameters:</dt> <dt pn="section-6.5-1.5">Required parameters:</dt>
<dd> <dd pn="section-6.5-1.6">
<t>n/a</t> <t indent="0" pn="section-6.5-1.6.1">N/A</t>
</dd> </dd>
<dt>Optional parameters:</dt> <dt pn="section-6.5-1.7">Optional parameters:</dt>
<dd> <dd pn="section-6.5-1.8">
<t>"eat_profile" (EAT profile in string format. OIDs must use the <t indent="0" pn="section-6.5-1.8.1">"eat_profile" (EAT profile in s
dotted-decimal notation. The parameter value is case-insensitive.)</t> tring format. OIDs must use the
dotted-decimal notation. The parameter value is case insensitive.)</t>
</dd> </dd>
<dt>Encoding considerations:</dt> <dt pn="section-6.5-1.9">Encoding considerations:</dt>
<dd> <dd pn="section-6.5-1.10">
<t>binary</t> <t indent="0" pn="section-6.5-1.10.1">binary</t>
</dd> </dd>
<dt>Security considerations:</dt> <dt pn="section-6.5-1.11">Security considerations:</dt>
<dd> <dd pn="section-6.5-1.12">
<t><xref section="9" sectionFormat="of" target="EAT"/></t> <t indent="0" pn="section-6.5-1.12.1"><xref section="9" sectionForma
t="of" target="RFC9711" format="default" derivedLink="https://rfc-editor.org/rfc
/rfc9711#section-9" derivedContent="EAT"/></t>
</dd> </dd>
<dt>Interoperability considerations:</dt> <dt pn="section-6.5-1.13">Interoperability considerations:</dt>
<dd> <dd pn="section-6.5-1.14">
<t>n/a</t> <t indent="0" pn="section-6.5-1.14.1">N/A</t>
</dd> </dd>
<dt>Published specification:</dt> <dt pn="section-6.5-1.15">Published specification:</dt>
<dd> <dd pn="section-6.5-1.16">
<t>RFCthis</t> <t indent="0" pn="section-6.5-1.16.1">RFC 9782</t>
</dd> </dd>
<dt>Applications that use this media type:</dt> <dt pn="section-6.5-1.17">Applications that use this media type:</dt>
<dd> <dd pn="section-6.5-1.18">
<t>Attesters, Verifiers, Endorsers and Reference-Value providers, Re <t indent="0" pn="section-6.5-1.18.1">Attesters, Verifiers, Endorser
lying s and Reference-Value providers, and Relying
Parties that need to transfer EAT payloads over HTTP(S), CoAP(S), and other Parties that need to transfer EAT payloads over HTTP(S), CoAP(S), and other
transports.</t> transports.</t>
</dd> </dd>
<dt>Fragment identifier considerations:</dt> <dt pn="section-6.5-1.19">Fragment identifier considerations:</dt>
<dd> <dd pn="section-6.5-1.20">
<t>n/a</t> <t indent="0" pn="section-6.5-1.20.1">N/A</t>
</dd> </dd>
<dt>Person &amp; email address to contact for further information:</dt <dt pn="section-6.5-1.21">Person &amp; email address to contact for fu
> rther information:</dt>
<dd> <dd pn="section-6.5-1.22">
<t>RATS WG mailing list (rats@ietf.org)</t> <t indent="0" pn="section-6.5-1.22.1">RATS WG mailing list (rats@iet
f.org)</t>
</dd> </dd>
<dt>Intended usage:</dt> <dt pn="section-6.5-1.23">Intended usage:</dt>
<dd> <dd pn="section-6.5-1.24">
<t>COMMON</t> <t indent="0" pn="section-6.5-1.24.1">COMMON</t>
</dd> </dd>
<dt>Restrictions on usage:</dt> <dt pn="section-6.5-1.25">Restrictions on usage:</dt>
<dd> <dd pn="section-6.5-1.26">
<t>none</t> <t indent="0" pn="section-6.5-1.26.1">none</t>
</dd> </dd>
<dt>Author/Change controller:</dt> <dt pn="section-6.5-1.27">Author/Change controller:</dt>
<dd> <dd pn="section-6.5-1.28">
<t>IETF</t> <t indent="0" pn="section-6.5-1.28.1">IETF</t>
</dd> </dd>
<dt>Provisional registration:</dt> <dt pn="section-6.5-1.29">Provisional registration:</dt>
<dd> <dd pn="section-6.5-1.30">
<t>no</t> <t indent="0" pn="section-6.5-1.30.1">no</t>
</dd> </dd>
</dl> </dl>
</section> </section>
<section anchor="media-type-deb-json"> <section anchor="media-type-deb-json" numbered="true" removeInRFC="false"
<name>application/eat-bun+json Registration</name> toc="include" pn="section-6.6">
<dl spacing="compact"> <name slugifiedName="name-application-eat-bunjson-reg">application/eat-b
<dt>Type name:</dt> un+json Registration</name>
<dd> <dl spacing="normal" newline="false" indent="3" pn="section-6.6-1">
<t>application</t> <dt pn="section-6.6-1.1">Type name:</dt>
<dd pn="section-6.6-1.2">
<t indent="0" pn="section-6.6-1.2.1">application</t>
</dd> </dd>
<dt>Subtype name:</dt> <dt pn="section-6.6-1.3">Subtype name:</dt>
<dd> <dd pn="section-6.6-1.4">
<t>eat-bun+json</t> <t indent="0" pn="section-6.6-1.4.1">eat-bun+json</t>
</dd> </dd>
<dt>Required parameters:</dt> <dt pn="section-6.6-1.5">Required parameters:</dt>
<dd> <dd pn="section-6.6-1.6">
<t>n/a</t> <t indent="0" pn="section-6.6-1.6.1">N/A</t>
</dd> </dd>
<dt>Optional parameters:</dt> <dt pn="section-6.6-1.7">Optional parameters:</dt>
<dd> <dd pn="section-6.6-1.8">
<t>"eat_profile" (EAT profile in string format. OIDs must use the <t indent="0" pn="section-6.6-1.8.1">"eat_profile" (EAT profile in s
dotted-decimal notation. The parameter value is case-insensitive.)</t> tring format. OIDs must use the
dotted-decimal notation. The parameter value is case insensitive.)</t>
</dd> </dd>
<dt>Encoding considerations:</dt> <dt pn="section-6.6-1.9">Encoding considerations:</dt>
<dd> <dd pn="section-6.6-1.10">
<t>Same as <xref target="JSON"/></t> <t indent="0" pn="section-6.6-1.10.1">Same as <xref target="RFC8259"
format="default" sectionFormat="of" derivedContent="JSON"/></t>
</dd> </dd>
<dt>Security considerations:</dt> <dt pn="section-6.6-1.11">Security considerations:</dt>
<dd> <dd pn="section-6.6-1.12">
<t><xref section="9" sectionFormat="of" target="EAT"/></t> <t indent="0" pn="section-6.6-1.12.1"><xref section="9" sectionForma
t="of" target="RFC9711" format="default" derivedLink="https://rfc-editor.org/rfc
/rfc9711#section-9" derivedContent="EAT"/></t>
</dd> </dd>
<dt>Interoperability considerations:</dt> <dt pn="section-6.6-1.13">Interoperability considerations:</dt>
<dd> <dd pn="section-6.6-1.14">
<t>n/a</t> <t indent="0" pn="section-6.6-1.14.1">N/A</t>
</dd> </dd>
<dt>Published specification:</dt> <dt pn="section-6.6-1.15">Published specification:</dt>
<dd> <dd pn="section-6.6-1.16">
<t>RFCthis</t> <t indent="0" pn="section-6.6-1.16.1">RFC 9782</t>
</dd> </dd>
<dt>Applications that use this media type</dt> <dt pn="section-6.6-1.17">Applications that use this media type:</dt>
<dd> <dd pn="section-6.6-1.18">
<t>Attesters, Verifiers, Endorsers and Reference-Value providers, Re <t indent="0" pn="section-6.6-1.18.1">Attesters, Verifiers, Endorser
lying s and Reference-Value providers, and Relying
Parties that need to transfer EAT payloads over HTTP(S), CoAP(S), and other Parties that need to transfer EAT payloads over HTTP(S), CoAP(S), and other
transports.</t> transports.</t>
</dd> </dd>
<dt>Fragment identifier considerations:</dt> <dt pn="section-6.6-1.19">Fragment identifier considerations:</dt>
<dd> <dd pn="section-6.6-1.20">
<t>n/a</t> <t indent="0" pn="section-6.6-1.20.1">N/A</t>
</dd> </dd>
<dt>Person &amp; email address to contact for further information:</dt <dt pn="section-6.6-1.21">Person &amp; email address to contact for fu
> rther information:</dt>
<dd> <dd pn="section-6.6-1.22">
<t>RATS WG mailing list (rats@ietf.org)</t> <t indent="0" pn="section-6.6-1.22.1">RATS WG mailing list (rats@iet
f.org)</t>
</dd> </dd>
<dt>Intended usage:</dt> <dt pn="section-6.6-1.23">Intended usage:</dt>
<dd> <dd pn="section-6.6-1.24">
<t>COMMON</t> <t indent="0" pn="section-6.6-1.24.1">COMMON</t>
</dd> </dd>
<dt>Restrictions on usage:</dt> <dt pn="section-6.6-1.25">Restrictions on usage:</dt>
<dd> <dd pn="section-6.6-1.26">
<t>none</t> <t indent="0" pn="section-6.6-1.26.1">none</t>
</dd> </dd>
<dt>Author/Change controller:</dt> <dt pn="section-6.6-1.27">Author/Change controller:</dt>
<dd> <dd pn="section-6.6-1.28">
<t>IETF</t> <t indent="0" pn="section-6.6-1.28.1">IETF</t>
</dd> </dd>
<dt>Provisional registration:</dt> <dt pn="section-6.6-1.29">Provisional registration:</dt>
<dd> <dd pn="section-6.6-1.30">
<t>no</t> <t indent="0" pn="section-6.6-1.30.1">no</t>
</dd> </dd>
</dl> </dl>
</section> </section>
<section anchor="media-type-ucs-cbor"> <section anchor="media-type-ucs-cbor" numbered="true" removeInRFC="false"
<name>application/eat-ucs+cbor Registration</name> toc="include" pn="section-6.7">
<dl spacing="compact"> <name slugifiedName="name-application-eat-ucscbor-reg">application/eat-u
<dt>Type name:</dt> cs+cbor Registration</name>
<dd> <dl spacing="normal" newline="false" indent="3" pn="section-6.7-1">
<t>application</t> <dt pn="section-6.7-1.1">Type name:</dt>
<dd pn="section-6.7-1.2">
<t indent="0" pn="section-6.7-1.2.1">application</t>
</dd> </dd>
<dt>Subtype name:</dt> <dt pn="section-6.7-1.3">Subtype name:</dt>
<dd> <dd pn="section-6.7-1.4">
<t>eat-ucs+cbor</t> <t indent="0" pn="section-6.7-1.4.1">eat-ucs+cbor</t>
</dd> </dd>
<dt>Required parameters:</dt> <dt pn="section-6.7-1.5">Required parameters:</dt>
<dd> <dd pn="section-6.7-1.6">
<t>n/a</t> <t indent="0" pn="section-6.7-1.6.1">N/A</t>
</dd> </dd>
<dt>Optional parameters:</dt> <dt pn="section-6.7-1.7">Optional parameters:</dt>
<dd> <dd pn="section-6.7-1.8">
<t>"eat_profile" (EAT profile in string format. OIDs must use the <t indent="0" pn="section-6.7-1.8.1">"eat_profile" (EAT profile in s
dotted-decimal notation. The parameter value is case-insensitive.)</t> tring format. OIDs must use the
dotted-decimal notation. The parameter value is case insensitive.)</t>
</dd> </dd>
<dt>Encoding considerations:</dt> <dt pn="section-6.7-1.9">Encoding considerations:</dt>
<dd> <dd pn="section-6.7-1.10">
<t>binary</t> <t indent="0" pn="section-6.7-1.10.1">binary</t>
</dd> </dd>
<dt>Security considerations:</dt> <dt pn="section-6.7-1.11">Security considerations:</dt>
<dd> <dd pn="section-6.7-1.12">
<t>Sections <xref target="UCCS" section="3" sectionFormat="bare"/> a <t indent="0" pn="section-6.7-1.12.1">Sections <xref target="RFC9781
nd <xref target="UCCS" section="7" sectionFormat="bare"/> of <xref target="UCCS" " section="3" sectionFormat="bare" format="default" derivedLink="https://rfc-edi
/></t> tor.org/rfc/rfc9781#section-3" derivedContent="UCCS"/> and <xref target="RFC9781
" section="7" sectionFormat="bare" format="default" derivedLink="https://rfc-edi
tor.org/rfc/rfc9781#section-7" derivedContent="UCCS"/> of <xref target="RFC9781"
format="default" sectionFormat="of" derivedContent="UCCS"/></t>
</dd> </dd>
<dt>Interoperability considerations:</dt> <dt pn="section-6.7-1.13">Interoperability considerations:</dt>
<dd> <dd pn="section-6.7-1.14">
<t>n/a</t> <t indent="0" pn="section-6.7-1.14.1">N/A</t>
</dd> </dd>
<dt>Published specification:</dt> <dt pn="section-6.7-1.15">Published specification:</dt>
<dd> <dd pn="section-6.7-1.16">
<t>RFCthis</t> <t indent="0" pn="section-6.7-1.16.1">RFC 9782</t>
</dd> </dd>
<dt>Applications that use this media type:</dt> <dt pn="section-6.7-1.17">Applications that use this media type:</dt>
<dd> <dd pn="section-6.7-1.18">
<t>Attesters, Verifiers, Endorsers and Reference-Value providers, Re <t indent="0" pn="section-6.7-1.18.1">Attesters, Verifiers, Endorser
lying s and Reference-Value providers, and Relying
Parties that need to transfer EAT payloads over HTTP(S), CoAP(S), and other Parties that need to transfer EAT payloads over HTTP(S), CoAP(S), and other
transports.</t> transports.</t>
</dd> </dd>
<dt>Fragment identifier considerations:</dt> <dt pn="section-6.7-1.19">Fragment identifier considerations:</dt>
<dd> <dd pn="section-6.7-1.20">
<t>n/a</t> <t indent="0" pn="section-6.7-1.20.1">N/A</t>
</dd> </dd>
<dt>Person &amp; email address to contact for further information:</dt <dt pn="section-6.7-1.21">Person &amp; email address to contact for fu
> rther information:</dt>
<dd> <dd pn="section-6.7-1.22">
<t>RATS WG mailing list (rats@ietf.org)</t> <t indent="0" pn="section-6.7-1.22.1">RATS WG mailing list (rats@iet
f.org)</t>
</dd> </dd>
<dt>Intended usage:</dt> <dt pn="section-6.7-1.23">Intended usage:</dt>
<dd> <dd pn="section-6.7-1.24">
<t>COMMON</t> <t indent="0" pn="section-6.7-1.24.1">COMMON</t>
</dd> </dd>
<dt>Restrictions on usage:</dt> <dt pn="section-6.7-1.25">Restrictions on usage:</dt>
<dd> <dd pn="section-6.7-1.26">
<t>none</t> <t indent="0" pn="section-6.7-1.26.1">none</t>
</dd> </dd>
<dt>Author/Change controller:</dt> <dt pn="section-6.7-1.27">Author/Change controller:</dt>
<dd> <dd pn="section-6.7-1.28">
<t>IETF</t> <t indent="0" pn="section-6.7-1.28.1">IETF</t>
</dd> </dd>
<dt>Provisional registration:</dt> <dt pn="section-6.7-1.29">Provisional registration:</dt>
<dd> <dd pn="section-6.7-1.30">
<t>no</t> <t indent="0" pn="section-6.7-1.30.1">no</t>
</dd> </dd>
</dl> </dl>
</section> </section>
<section anchor="media-type-ucs-json"> <section anchor="media-type-ucs-json" numbered="true" removeInRFC="false"
<name>application/eat-ucs+json Registration</name> toc="include" pn="section-6.8">
<dl spacing="compact"> <name slugifiedName="name-application-eat-ucsjson-reg">application/eat-u
<dt>Type name:</dt> cs+json Registration</name>
<dd> <dl spacing="normal" newline="false" indent="3" pn="section-6.8-1">
<t>application</t> <dt pn="section-6.8-1.1">Type name:</dt>
<dd pn="section-6.8-1.2">
<t indent="0" pn="section-6.8-1.2.1">application</t>
</dd> </dd>
<dt>Subtype name:</dt> <dt pn="section-6.8-1.3">Subtype name:</dt>
<dd> <dd pn="section-6.8-1.4">
<t>eat-ucs+json</t> <t indent="0" pn="section-6.8-1.4.1">eat-ucs+json</t>
</dd> </dd>
<dt>Required parameters:</dt> <dt pn="section-6.8-1.5">Required parameters:</dt>
<dd> <dd pn="section-6.8-1.6">
<t>n/a</t> <t indent="0" pn="section-6.8-1.6.1">N/A</t>
</dd> </dd>
<dt>Optional parameters:</dt> <dt pn="section-6.8-1.7">Optional parameters:</dt>
<dd> <dd pn="section-6.8-1.8">
<t>"eat_profile" (EAT profile in string format. OIDs must use the <t indent="0" pn="section-6.8-1.8.1">"eat_profile" (EAT profile in s
dotted-decimal notation. The parameter value is case-insensitive.)</t> tring format. OIDs must use the
dotted-decimal notation. The parameter value is case insensitive.)</t>
</dd> </dd>
<dt>Encoding considerations:</dt> <dt pn="section-6.8-1.9">Encoding considerations:</dt>
<dd> <dd pn="section-6.8-1.10">
<t>Same as <xref target="JSON"/></t> <t indent="0" pn="section-6.8-1.10.1">Same as <xref target="RFC8259"
format="default" sectionFormat="of" derivedContent="JSON"/></t>
</dd> </dd>
<dt>Security considerations:</dt> <dt pn="section-6.8-1.11">Security considerations:</dt>
<dd> <dd pn="section-6.8-1.12">
<t>Sections <xref target="UCCS" section="3" sectionFormat="bare"/> a <t indent="0" pn="section-6.8-1.12.1">Sections <xref target="RFC9781
nd <xref target="UCCS" section="7" sectionFormat="bare"/> of <xref target="UCCS" " section="3" sectionFormat="bare" format="default" derivedLink="https://rfc-edi
/></t> tor.org/rfc/rfc9781#section-3" derivedContent="UCCS"/> and <xref target="RFC9781
" section="7" sectionFormat="bare" format="default" derivedLink="https://rfc-edi
tor.org/rfc/rfc9781#section-7" derivedContent="UCCS"/> of <xref target="RFC9781"
format="default" sectionFormat="of" derivedContent="UCCS"/></t>
</dd> </dd>
<dt>Interoperability considerations:</dt> <dt pn="section-6.8-1.13">Interoperability considerations:</dt>
<dd> <dd pn="section-6.8-1.14">
<t>n/a</t> <t indent="0" pn="section-6.8-1.14.1">N/A</t>
</dd> </dd>
<dt>Published specification:</dt> <dt pn="section-6.8-1.15">Published specification:</dt>
<dd> <dd pn="section-6.8-1.16">
<t>RFCthis</t> <t indent="0" pn="section-6.8-1.16.1">RFC 9782</t>
</dd> </dd>
<dt>Applications that use this media type</dt> <dt pn="section-6.8-1.17">Applications that use this media type:</dt>
<dd> <dd pn="section-6.8-1.18">
<t>Attesters, Verifiers, Endorsers and Reference-Value providers, Re <t indent="0" pn="section-6.8-1.18.1">Attesters, Verifiers, Endorser
lying s and Reference-Value providers, and Relying
Parties that need to transfer EAT payloads over HTTP(S), CoAP(S), and other Parties that need to transfer EAT payloads over HTTP(S), CoAP(S), and other
transports.</t> transports.</t>
</dd> </dd>
<dt>Fragment identifier considerations:</dt> <dt pn="section-6.8-1.19">Fragment identifier considerations:</dt>
<dd> <dd pn="section-6.8-1.20">
<t>n/a</t> <t indent="0" pn="section-6.8-1.20.1">N/A</t>
</dd> </dd>
<dt>Person &amp; email address to contact for further information:</dt <dt pn="section-6.8-1.21">Person &amp; email address to contact for fu
> rther information:</dt>
<dd> <dd pn="section-6.8-1.22">
<t>RATS WG mailing list (rats@ietf.org)</t> <t indent="0" pn="section-6.8-1.22.1">RATS WG mailing list (rats@iet
f.org)</t>
</dd> </dd>
<dt>Intended usage:</dt> <dt pn="section-6.8-1.23">Intended usage:</dt>
<dd> <dd pn="section-6.8-1.24">
<t>COMMON</t> <t indent="0" pn="section-6.8-1.24.1">COMMON</t>
</dd> </dd>
<dt>Restrictions on usage:</dt> <dt pn="section-6.8-1.25">Restrictions on usage:</dt>
<dd> <dd pn="section-6.8-1.26">
<t>none</t> <t indent="0" pn="section-6.8-1.26.1">none</t>
</dd> </dd>
<dt>Author/Change controller:</dt> <dt pn="section-6.8-1.27">Author/Change controller:</dt>
<dd> <dd pn="section-6.8-1.28">
<t>IETF</t> <t indent="0" pn="section-6.8-1.28.1">IETF</t>
</dd> </dd>
<dt>Provisional registration:</dt> <dt pn="section-6.8-1.29">Provisional registration:</dt>
<dd> <dd pn="section-6.8-1.30">
<t>no</t> <t indent="0" pn="section-6.8-1.30.1">no</t>
</dd> </dd>
</dl> </dl>
</section> </section>
<section anchor="coap-content-format-registrations"> <section anchor="coap-content-format-registrations" numbered="true" remove
<name>CoAP Content-Format Registrations</name> InRFC="false" toc="include" pn="section-6.9">
<t>IANA is requested to register the following Content-Format numbers in <name slugifiedName="name-coap-content-format-registr">CoAP Content-Form
the "CoAP at Registrations</name>
Content-Formats" sub-registry, within the "Constrained RESTful Environments <t indent="0" pn="section-6.9-1">IANA has registered the following Conte
(CoRE) Parameters" Registry <xref target="IANA.core-parameters"/>:</t> nt-Format numbers in the "CoAP
<table align="left"> Content-Formats" registry, within the "Constrained RESTful Environments
<name>New Content-Formats</name> (CoRE) Parameters" registry group <xref target="CORE-PARAMS" format="default" se
ctionFormat="of" derivedContent="CORE-PARAMS"/>:</t>
<table align="center" pn="table-2">
<name slugifiedName="name-new-content-formats">New Content-Formats</na
me>
<thead> <thead>
<tr> <tr>
<th align="left">Content-Type</th> <th align="left" colspan="1" rowspan="1">Content Type</th>
<th align="left">Content Coding</th> <th align="left" colspan="1" rowspan="1">Content Coding</th>
<th align="left">ID</th> <th align="left" colspan="1" rowspan="1">ID</th>
<th align="left">Reference</th> <th align="left" colspan="1" rowspan="1">Reference</th>
</tr> </tr>
</thead> </thead>
<tbody> <tbody>
<tr> <tr>
<td align="left">application/eat+cwt</td> <td align="left" colspan="1" rowspan="1">application/eat+cwt</td>
<td align="left">-</td> <td align="left" colspan="1" rowspan="1">-</td>
<td align="left">TBD1</td> <td align="left" colspan="1" rowspan="1">263</td>
<td align="left">RFCthis</td> <td align="left" colspan="1" rowspan="1">RFC 9782</td>
</tr> </tr>
<tr> <tr>
<td align="left">application/eat+jwt</td> <td align="left" colspan="1" rowspan="1">application/eat+jwt</td>
<td align="left">-</td> <td align="left" colspan="1" rowspan="1">-</td>
<td align="left">TBD2</td> <td align="left" colspan="1" rowspan="1">264</td>
<td align="left">RFCthis</td> <td align="left" colspan="1" rowspan="1">RFC 9782</td>
</tr> </tr>
<tr> <tr>
<td align="left">application/eat-bun+cbor</td> <td align="left" colspan="1" rowspan="1">application/eat-bun+cbor<
<td align="left">-</td> /td>
<td align="left">TBD3</td> <td align="left" colspan="1" rowspan="1">-</td>
<td align="left">RFCthis</td> <td align="left" colspan="1" rowspan="1">265</td>
<td align="left" colspan="1" rowspan="1">RFC 9782</td>
</tr> </tr>
<tr> <tr>
<td align="left">application/eat-bun+json</td> <td align="left" colspan="1" rowspan="1">application/eat-bun+json<
<td align="left">-</td> /td>
<td align="left">TBD4</td> <td align="left" colspan="1" rowspan="1">-</td>
<td align="left">RFCthis</td> <td align="left" colspan="1" rowspan="1">266</td>
<td align="left" colspan="1" rowspan="1">RFC 9782</td>
</tr> </tr>
<tr> <tr>
<td align="left">application/eat-ucs+cbor</td> <td align="left" colspan="1" rowspan="1">application/eat-ucs+cbor<
<td align="left">-</td> /td>
<td align="left">TBD5</td> <td align="left" colspan="1" rowspan="1">-</td>
<td align="left">RFCthis</td> <td align="left" colspan="1" rowspan="1">267</td>
<td align="left" colspan="1" rowspan="1">RFC 9781</td>
</tr> </tr>
<tr> <tr>
<td align="left">application/eat-ucs+json</td> <td align="left" colspan="1" rowspan="1">application/eat-ucs+json<
<td align="left">-</td> /td>
<td align="left">TBD6</td> <td align="left" colspan="1" rowspan="1">-</td>
<td align="left">RFCthis</td> <td align="left" colspan="1" rowspan="1">268</td>
<td align="left" colspan="1" rowspan="1">RFC 9782</td>
</tr> </tr>
</tbody> </tbody>
</table> </table>
<t>TBD1..6 are to be assigned from the space 256..9999.</t>
</section>
</section>
<section anchor="changelog">
<name>Changelog</name>
<t><cref anchor="remove-sec">RFC editor: please remove this section</cref>
</t>
<section anchor="cl-04">
<name> -04</name>
<ul spacing="normal">
<li>
<t>Early IANA review</t>
</li>
</ul>
</section>
<section anchor="cl-03">
<name> -03</name>
<ul spacing="normal">
<li>
<t>Update references</t>
</li>
</ul>
</section>
<section anchor="cl-02">
<name> -02</name>
<ul spacing="normal">
<li>
<t>Update references</t>
</li>
<li>
<t>Register +cwt SSS
(<eref target="https://github.com/ietf-rats-wg/draft-eat-mt/issues/14">Issue#14<
/eref>)</t>
</li>
<li>
<t>Move from eat-jwt to eat+jwt
(<eref target="https://github.com/ietf-rats-wg/draft-eat-mt/issues/14">Issue#14<
/eref>)</t>
</li>
<li>
<t>Move from eat-cwt to eat+cwt
(<eref target="https://github.com/ietf-rats-wg/draft-eat-mt/issues/14">Issue#14<
/eref>)</t>
</li>
</ul>
</section>
<section anchor="cl-01">
<name> -01</name>
<ul spacing="normal">
<li>
<t>Rename <tt>profile</tt> to <tt>eat_profile</tt> for consistency w
ith EAT
(<eref target="https://github.com/ietf-rats-wg/draft-eat-mt/issues/4">Issue#4</e
ref>)</t>
</li>
<li>
<t>The DEB acronym is gone: shorthand is now "bun" from bundle
(<eref target="https://github.com/ietf-rats-wg/draft-eat-mt/issues/8">Issue#8</e
ref>)</t>
</li>
<li>
<t>Incorporate editorial suggestions from Carl and Dave
(<eref target="https://github.com/ietf-rats-wg/draft-eat-mt/issues/7">Issue#7</e
ref>,
<eref target="https://github.com/ietf-rats-wg/draft-eat-mt/issues/9">Issue#9</er
ef>)</t>
</li>
</ul>
</section> </section>
</section> </section>
</middle> </middle>
<back> <back>
<references anchor="sec-combined-references"> <displayreference target="RFC9711" to="EAT"/>
<name>References</name> <displayreference target="RFC9781" to="UCCS"/>
<references anchor="sec-normative-references"> <displayreference target="I-D.irtf-t2trg-rest-iot" to="REST-IoT"/>
<name>Normative References</name> <displayreference target="RFC3986" to="URI"/>
<reference anchor="EAT"> <displayreference target="RFC4151" to="TAG"/>
<displayreference target="RFC6838" to="MEDIATYPES"/>
<displayreference target="RFC8259" to="JSON"/>
<displayreference target="RFC8392" to="CWT"/>
<displayreference target="RFC9110" to="HTTP"/>
<displayreference target="RFC9334" to="RATS-ARCH"/>
<displayreference target="BCP56" to="BUILD-W-HTTP"/>
<references anchor="sec-combined-references" pn="section-7">
<name slugifiedName="name-references">References</name>
<references anchor="sec-normative-references" pn="section-7.1">
<name slugifiedName="name-normative-references">Normative References</na
me>
<referencegroup anchor="BCP225" target="https://www.rfc-editor.org/info/
bcp225" derivedAnchor="BCP225">
<reference anchor="RFC8725" target="https://www.rfc-editor.org/info/rf
c8725" quoteTitle="true">
<front>
<title>JSON Web Token Best Current Practices</title>
<author fullname="Y. Sheffer" initials="Y." surname="Sheffer"/>
<author fullname="D. Hardt" initials="D." surname="Hardt"/>
<author fullname="M. Jones" initials="M." surname="Jones"/>
<date month="February" year="2020"/>
<abstract>
<t indent="0">JSON Web Tokens, also known as JWTs, are URL-safe
JSON-based security tokens that contain a set of claims that can be signed and/o
r encrypted. JWTs are being widely used and deployed as a simple security token
format in numerous protocols and applications, both in the area of digital ident
ity and in other application areas. This Best Current Practices document updates
RFC 7519 to provide actionable guidance leading to secure implementation and de
ployment of JWTs.</t>
</abstract>
</front>
<seriesInfo name="BCP" value="225"/>
<seriesInfo name="RFC" value="8725"/>
<seriesInfo name="DOI" value="10.17487/RFC8725"/>
</reference>
</referencegroup>
<reference anchor="CORE-PARAMS" target="https://www.iana.org/assignments
/core-parameters" quoteTitle="true" derivedAnchor="CORE-PARAMS">
<front> <front>
<title>The Entity Attestation Token (EAT)</title> <title>CoAP Content-Formats</title>
<author fullname="Laurence Lundblade" initials="L." surname="Lundbla <author>
de"> <organization showOnFrontPage="true">IANA</organization>
<organization>Security Theory LLC</organization>
</author>
<author fullname="Giridhar Mandyam" initials="G." surname="Mandyam">
<organization>Mediatek USA</organization>
</author>
<author fullname="Jeremy O'Donoghue" initials="J." surname="O'Donogh
ue">
<organization>Qualcomm Technologies Inc.</organization>
</author>
<author fullname="Carl Wallace" initials="C." surname="Wallace">
<organization>Red Hound Software, Inc.</organization>
</author> </author>
<date day="6" month="September" year="2024"/>
<abstract>
<t> An Entity Attestation Token (EAT) provides an attested claim
s set
that describes state and characteristics of an entity, a device like
a smartphone, IoT device, network equipment or such. This claims set
is used by a relying party, server or service to determine the type
and degree of trust placed in the entity.
An EAT is either a CBOR Web Token (CWT) or JSON Web Token (JWT) with
attestation-oriented claims.
</t>
</abstract>
</front> </front>
<seriesInfo name="Internet-Draft" value="draft-ietf-rats-eat-31"/>
</reference> </reference>
<reference anchor="JWT"> <reference anchor="RFC8392" target="https://www.rfc-editor.org/info/rfc8
<front> 392" quoteTitle="true" derivedAnchor="CWT">
<title>JSON Web Token (JWT)</title>
<author fullname="M. Jones" initials="M." surname="Jones"/>
<author fullname="J. Bradley" initials="J." surname="Bradley"/>
<author fullname="N. Sakimura" initials="N." surname="Sakimura"/>
<date month="May" year="2015"/>
<abstract>
<t>JSON Web Token (JWT) is a compact, URL-safe means of representi
ng claims to be transferred between two parties. The claims in a JWT are encoded
as a JSON object that is used as the payload of a JSON Web Signature (JWS) stru
cture or as the plaintext of a JSON Web Encryption (JWE) structure, enabling the
claims to be digitally signed or integrity protected with a Message Authenticat
ion Code (MAC) and/or encrypted.</t>
</abstract>
</front>
<seriesInfo name="RFC" value="7519"/>
<seriesInfo name="DOI" value="10.17487/RFC7519"/>
</reference>
<reference anchor="CWT">
<front> <front>
<title>CBOR Web Token (CWT)</title> <title>CBOR Web Token (CWT)</title>
<author fullname="M. Jones" initials="M." surname="Jones"/> <author fullname="M. Jones" initials="M." surname="Jones"/>
<author fullname="E. Wahlstroem" initials="E." surname="Wahlstroem"/ > <author fullname="E. Wahlstroem" initials="E." surname="Wahlstroem"/ >
<author fullname="S. Erdtman" initials="S." surname="Erdtman"/> <author fullname="S. Erdtman" initials="S." surname="Erdtman"/>
<author fullname="H. Tschofenig" initials="H." surname="Tschofenig"/ > <author fullname="H. Tschofenig" initials="H." surname="Tschofenig"/ >
<date month="May" year="2018"/> <date month="May" year="2018"/>
<abstract> <abstract>
<t>CBOR Web Token (CWT) is a compact means of representing claims to be transferred between two parties. The claims in a CWT are encoded in the Co ncise Binary Object Representation (CBOR), and CBOR Object Signing and Encryptio n (COSE) is used for added application-layer security protection. A claim is a p iece of information asserted about a subject and is represented as a name/value pair consisting of a claim name and a claim value. CWT is derived from JSON Web Token (JWT) but uses CBOR rather than JSON.</t> <t indent="0">CBOR Web Token (CWT) is a compact means of represent ing claims to be transferred between two parties. The claims in a CWT are encode d in the Concise Binary Object Representation (CBOR), and CBOR Object Signing an d Encryption (COSE) is used for added application-layer security protection. A c laim is a piece of information asserted about a subject and is represented as a name/value pair consisting of a claim name and a claim value. CWT is derived fro m JSON Web Token (JWT) but uses CBOR rather than JSON.</t>
</abstract> </abstract>
</front> </front>
<seriesInfo name="RFC" value="8392"/> <seriesInfo name="RFC" value="8392"/>
<seriesInfo name="DOI" value="10.17487/RFC8392"/> <seriesInfo name="DOI" value="10.17487/RFC8392"/>
</reference> </reference>
<reference anchor="UCCS"> <reference anchor="RFC9711" target="https://www.rfc-editor.org/info/rfc9 711" quoteTitle="true" derivedAnchor="EAT">
<front> <front>
<title>A CBOR Tag for Unprotected CWT Claims Sets</title> <title>The Entity Attestation Token (EAT)</title>
<author fullname="Henk Birkholz" initials="H." surname="Birkholz"> <author fullname="Laurence Lundblade" initials="L." surname="Lundbla
<organization>Fraunhofer SIT</organization> de">
</author> <organization showOnFrontPage="true">Security Theory LLC</organiza
<author fullname="Jeremy O'Donoghue" initials="J." surname="O'Donogh tion>
ue">
<organization>Qualcomm Technologies Inc.</organization>
</author> </author>
<author fullname="Nancy Cam-Winget" initials="N." surname="Cam-Winge <author fullname="Giridhar Mandyam" initials="G." surname="Mandyam">
t"> <organization showOnFrontPage="true">Mediatek USA</organization>
<organization>Cisco Systems</organization>
</author> </author>
<author fullname="Carsten Bormann" initials="C." surname="Bormann"> <author fullname="Jeremy O'Donoghue" initials="J." surname="O'Donogh
<organization>Universität Bremen TZI</organization> ue">
</author>
<author fullname="Carl Wallace" initials="C." surname="Wallace">
<organization showOnFrontPage="true">Red Hound Software, Inc.</org
anization>
</author> </author>
<date day="3" month="November" year="2024"/> <date month="April" year="2025"/>
<abstract>
<t> This document defines the Unprotected CWT Claims Set (UCCS),
a data
format for representing a CBOR Web Token (CWT) Claims Set without
protecting it by a signature, message authentication code (MAC), or
encryption. UCCS enables the use of CWT claims in environments where
protection is provided by other means, such as secure communication
channels or trusted execution environments. This specification
defines a CBOR tag for UCCS and describes the UCCS format, its
encoding, and processing considerations, and discusses security
implications of using unprotected claims sets.
// (This editors' note will be removed by the RFC editor:) The
// present revision (–12) contains remaining document changes based
// on feedback from the IESG evaluation and has been submitted as
// input to IETF 121.
</t>
</abstract>
</front>
<seriesInfo name="Internet-Draft" value="draft-ietf-rats-uccs-12"/>
</reference>
<reference anchor="MediaTypes">
<front>
<title>Media Type Specifications and Registration Procedures</title>
<author fullname="N. Freed" initials="N." surname="Freed"/>
<author fullname="J. Klensin" initials="J." surname="Klensin"/>
<author fullname="T. Hansen" initials="T." surname="Hansen"/>
<date month="January" year="2013"/>
<abstract>
<t>This document defines procedures for the specification and regi
stration of media types for use in HTTP, MIME, and other Internet protocols. Thi
s memo documents an Internet Best Current Practice.</t>
</abstract>
</front>
<seriesInfo name="BCP" value="13"/>
<seriesInfo name="RFC" value="6838"/>
<seriesInfo name="DOI" value="10.17487/RFC6838"/>
</reference>
<reference anchor="URI">
<front>
<title>Uniform Resource Identifier (URI): Generic Syntax</title>
<author fullname="T. Berners-Lee" initials="T." surname="Berners-Lee
"/>
<author fullname="R. Fielding" initials="R." surname="Fielding"/>
<author fullname="L. Masinter" initials="L." surname="Masinter"/>
<date month="January" year="2005"/>
<abstract>
<t>A Uniform Resource Identifier (URI) is a compact sequence of ch
aracters that identifies an abstract or physical resource. This specification de
fines the generic URI syntax and a process for resolving URI references that mig
ht be in relative form, along with guidelines and security considerations for th
e use of URIs on the Internet. The URI syntax defines a grammar that is a supers
et of all valid URIs, allowing an implementation to parse the common components
of a URI reference without knowing the scheme-specific requirements of every pos
sible identifier. This specification does not define a generative grammar for UR
Is; that task is performed by the individual specifications of each URI scheme.
[STANDARDS-TRACK]</t>
</abstract>
</front> </front>
<seriesInfo name="STD" value="66"/> <seriesInfo name="RFC" value="9711"/>
<seriesInfo name="RFC" value="3986"/> <seriesInfo name="DOI" value="10.17487/RFC9711"/>
<seriesInfo name="DOI" value="10.17487/RFC3986"/>
</reference> </reference>
<reference anchor="HTTP"> <reference anchor="RFC9110" target="https://www.rfc-editor.org/info/rfc9 110" quoteTitle="true" derivedAnchor="HTTP">
<front> <front>
<title>HTTP Semantics</title> <title>HTTP Semantics</title>
<author fullname="R. Fielding" initials="R." role="editor" surname=" Fielding"/> <author fullname="R. Fielding" initials="R." role="editor" surname=" Fielding"/>
<author fullname="M. Nottingham" initials="M." role="editor" surname ="Nottingham"/> <author fullname="M. Nottingham" initials="M." role="editor" surname ="Nottingham"/>
<author fullname="J. Reschke" initials="J." role="editor" surname="R eschke"/> <author fullname="J. Reschke" initials="J." role="editor" surname="R eschke"/>
<date month="June" year="2022"/> <date month="June" year="2022"/>
<abstract> <abstract>
<t>The Hypertext Transfer Protocol (HTTP) is a stateless applicati <t indent="0">The Hypertext Transfer Protocol (HTTP) is a stateles
on-level protocol for distributed, collaborative, hypertext information systems. s application-level protocol for distributed, collaborative, hypertext informati
This document describes the overall architecture of HTTP, establishes common te on systems. This document describes the overall architecture of HTTP, establishe
rminology, and defines aspects of the protocol that are shared by all versions. s common terminology, and defines aspects of the protocol that are shared by all
In this definition are core protocol elements, extensibility mechanisms, and the versions. In this definition are core protocol elements, extensibility mechanis
"http" and "https" Uniform Resource Identifier (URI) schemes.</t> ms, and the "http" and "https" Uniform Resource Identifier (URI) schemes.</t>
<t>This document updates RFC 3864 and obsoletes RFCs 2818, 7231, 7 <t indent="0">This document updates RFC 3864 and obsoletes RFCs 28
232, 7233, 7235, 7538, 7615, 7694, and portions of 7230.</t> 18, 7231, 7232, 7233, 7235, 7538, 7615, 7694, and portions of 7230.</t>
</abstract> </abstract>
</front> </front>
<seriesInfo name="STD" value="97"/> <seriesInfo name="STD" value="97"/>
<seriesInfo name="RFC" value="9110"/> <seriesInfo name="RFC" value="9110"/>
<seriesInfo name="DOI" value="10.17487/RFC9110"/> <seriesInfo name="DOI" value="10.17487/RFC9110"/>
</reference> </reference>
<reference anchor="JSON"> <reference anchor="RFC8259" target="https://www.rfc-editor.org/info/rfc8 259" quoteTitle="true" derivedAnchor="JSON">
<front> <front>
<title>The JavaScript Object Notation (JSON) Data Interchange Format </title> <title>The JavaScript Object Notation (JSON) Data Interchange Format </title>
<author fullname="T. Bray" initials="T." role="editor" surname="Bray "/> <author fullname="T. Bray" initials="T." role="editor" surname="Bray "/>
<date month="December" year="2017"/> <date month="December" year="2017"/>
<abstract> <abstract>
<t>JavaScript Object Notation (JSON) is a lightweight, text-based, <t indent="0">JavaScript Object Notation (JSON) is a lightweight,
language-independent data interchange format. It was derived from the ECMAScrip text-based, language-independent data interchange format. It was derived from th
t Programming Language Standard. JSON defines a small set of formatting rules fo e ECMAScript Programming Language Standard. JSON defines a small set of formatti
r the portable representation of structured data.</t> ng rules for the portable representation of structured data.</t>
<t>This document removes inconsistencies with other specifications <t indent="0">This document removes inconsistencies with other spe
of JSON, repairs specification errors, and offers experience-based interoperabi cifications of JSON, repairs specification errors, and offers experience-based i
lity guidance.</t> nteroperability guidance.</t>
</abstract> </abstract>
</front> </front>
<seriesInfo name="STD" value="90"/> <seriesInfo name="STD" value="90"/>
<seriesInfo name="RFC" value="8259"/> <seriesInfo name="RFC" value="8259"/>
<seriesInfo name="DOI" value="10.17487/RFC8259"/> <seriesInfo name="DOI" value="10.17487/RFC8259"/>
</reference> </reference>
<reference anchor="IANA.media-type-structured-suffix" target="https://ww w.iana.org/assignments/media-type-structured-suffix"> <reference anchor="MEDIA-TYPES" target="https://www.iana.org/assignments /media-types" quoteTitle="true" derivedAnchor="MEDIA-TYPES">
<front> <front>
<title>Structured Syntax Suffixes</title> <title>Media Types</title>
<author> <author>
<organization>IANA</organization> <organization showOnFrontPage="true">IANA</organization>
</author> </author>
</front> </front>
</reference> </reference>
<reference anchor="IANA.media-types" target="https://www.iana.org/assign ments/media-types"> <reference anchor="RFC6838" target="https://www.rfc-editor.org/info/rfc6 838" quoteTitle="true" derivedAnchor="MEDIATYPES">
<front> <front>
<title>Media Types</title> <title>Media Type Specifications and Registration Procedures</title>
<author fullname="N. Freed" initials="N." surname="Freed"/>
<author fullname="J. Klensin" initials="J." surname="Klensin"/>
<author fullname="T. Hansen" initials="T." surname="Hansen"/>
<date month="January" year="2013"/>
<abstract>
<t indent="0">This document defines procedures for the specificati
on and registration of media types for use in HTTP, MIME, and other Internet pro
tocols. This memo documents an Internet Best Current Practice.</t>
</abstract>
</front>
<seriesInfo name="BCP" value="13"/>
<seriesInfo name="RFC" value="6838"/>
<seriesInfo name="DOI" value="10.17487/RFC6838"/>
</reference>
<reference anchor="STRUCT-SYNTAX" target="https://www.iana.org/assignmen
ts/media-type-structured-suffix" quoteTitle="true" derivedAnchor="STRUCT-SYNTAX"
>
<front>
<title>Structured Syntax Suffixes</title>
<author> <author>
<organization>IANA</organization> <organization showOnFrontPage="true">IANA</organization>
</author> </author>
</front> </front>
</reference> </reference>
<referencegroup anchor="BCP225" target="https://www.rfc-editor.org/info/ <reference anchor="RFC9781" target="https://www.rfc-editor.org/info/rfc9
bcp225"> 781" quoteTitle="true" derivedAnchor="UCCS">
<reference anchor="RFC8725" target="https://www.rfc-editor.org/info/rf
c8725">
<front>
<title>JSON Web Token Best Current Practices</title>
<author fullname="Y. Sheffer" initials="Y." surname="Sheffer"/>
<author fullname="D. Hardt" initials="D." surname="Hardt"/>
<author fullname="M. Jones" initials="M." surname="Jones"/>
<date month="February" year="2020"/>
<abstract>
<t>JSON Web Tokens, also known as JWTs, are URL-safe JSON-based
security tokens that contain a set of claims that can be signed and/or encrypted
. JWTs are being widely used and deployed as a simple security token format in n
umerous protocols and applications, both in the area of digital identity and in
other application areas. This Best Current Practices document updates RFC 7519 t
o provide actionable guidance leading to secure implementation and deployment of
JWTs.</t>
</abstract>
</front>
<seriesInfo name="BCP" value="225"/>
<seriesInfo name="RFC" value="8725"/>
<seriesInfo name="DOI" value="10.17487/RFC8725"/>
</reference>
</referencegroup>
<reference anchor="IANA.core-parameters" target="https://www.iana.org/as
signments/core-parameters">
<front> <front>
<title>Constrained RESTful Environments (CoRE) Parameters</title> <title>A Concise Binary Object Representation (CBOR) Tag for Unprote
<author> cted CBOR Web Token Claims Sets (UCCS)</title>
<organization>IANA</organization> <author fullname="Henk Birkholz" initials="H." surname="Birkholz">
<organization showOnFrontPage="true">Fraunhofer SIT</organization>
</author> </author>
<author fullname="Jeremy O'Donoghue" initials="J." surname="O'Donogh
ue">
<organization showOnFrontPage="true">Qualcomm Technologies Inc.</o
rganization>
</author>
<author fullname="Nancy Cam-Winget" initials="N." surname="Cam-Winge
t">
<organization showOnFrontPage="true">Cisco Systems</organization>
</author>
<author fullname="Carsten Bormann" initials="C." surname="Bormann">
<organization showOnFrontPage="true">Universität Bremen TZI</organ
ization>
</author>
<date month="April" year="2025"/>
</front> </front>
<seriesInfo name="RFC" value="9781"/>
<seriesInfo name="DOI" value="10.17487/RFC9781"/>
</reference> </reference>
</references> <reference anchor="RFC3986" target="https://www.rfc-editor.org/info/rfc3
<references anchor="sec-informative-references"> 986" quoteTitle="true" derivedAnchor="URI">
<name>Informative References</name>
<reference anchor="RATS-Arch">
<front> <front>
<title>Remote ATtestation procedureS (RATS) Architecture</title> <title>Uniform Resource Identifier (URI): Generic Syntax</title>
<author fullname="H. Birkholz" initials="H." surname="Birkholz"/> <author fullname="T. Berners-Lee" initials="T." surname="Berners-Lee
<author fullname="D. Thaler" initials="D." surname="Thaler"/> "/>
<author fullname="M. Richardson" initials="M." surname="Richardson"/ <author fullname="R. Fielding" initials="R." surname="Fielding"/>
> <author fullname="L. Masinter" initials="L." surname="Masinter"/>
<author fullname="N. Smith" initials="N." surname="Smith"/> <date month="January" year="2005"/>
<author fullname="W. Pan" initials="W." surname="Pan"/>
<date month="January" year="2023"/>
<abstract> <abstract>
<t>In network protocol exchanges, it is often useful for one end o f a communication to know whether the other end is in an intended operating stat e. This document provides an architectural overview of the entities involved tha t make such tests possible through the process of generating, conveying, and eva luating evidentiary Claims. It provides a model that is neutral toward processor architectures, the content of Claims, and protocols.</t> <t indent="0">A Uniform Resource Identifier (URI) is a compact seq uence of characters that identifies an abstract or physical resource. This speci fication defines the generic URI syntax and a process for resolving URI referenc es that might be in relative form, along with guidelines and security considerat ions for the use of URIs on the Internet. The URI syntax defines a grammar that is a superset of all valid URIs, allowing an implementation to parse the common components of a URI reference without knowing the scheme-specific requirements o f every possible identifier. This specification does not define a generative gra mmar for URIs; that task is performed by the individual specifications of each U RI scheme. [STANDARDS-TRACK]</t>
</abstract> </abstract>
</front> </front>
<seriesInfo name="RFC" value="9334"/> <seriesInfo name="STD" value="66"/>
<seriesInfo name="DOI" value="10.17487/RFC9334"/> <seriesInfo name="RFC" value="3986"/>
<seriesInfo name="DOI" value="10.17487/RFC3986"/>
</reference> </reference>
<referencegroup anchor="BUILD-W-HTTP" target="https://www.rfc-editor.org </references>
/info/bcp56"> <references anchor="sec-informative-references" pn="section-7.2">
<reference anchor="RFC9205" target="https://www.rfc-editor.org/info/rf <name slugifiedName="name-informative-references">Informative References
c9205"> </name>
<referencegroup anchor="BCP56" target="https://www.rfc-editor.org/info/b
cp56" derivedAnchor="BUILD-W-HTTP">
<reference anchor="RFC9205" target="https://www.rfc-editor.org/info/rf
c9205" quoteTitle="true">
<front> <front>
<title>Building Protocols with HTTP</title> <title>Building Protocols with HTTP</title>
<author fullname="M. Nottingham" initials="M." surname="Nottingham "/> <author fullname="M. Nottingham" initials="M." surname="Nottingham "/>
<date month="June" year="2022"/> <date month="June" year="2022"/>
<abstract> <abstract>
<t>Applications often use HTTP as a substrate to create HTTP-bas <t indent="0">Applications often use HTTP as a substrate to crea
ed APIs. This document specifies best practices for writing specifications that te HTTP-based APIs. This document specifies best practices for writing specifica
use HTTP to define new application protocols. It is written primarily to guide I tions that use HTTP to define new application protocols. It is written primarily
ETF efforts to define application protocols using HTTP for deployment on the Int to guide IETF efforts to define application protocols using HTTP for deployment
ernet but might be applicable in other situations.</t> on the Internet but might be applicable in other situations.</t>
<t>This document obsoletes RFC 3205.</t> <t indent="0">This document obsoletes RFC 3205.</t>
</abstract> </abstract>
</front> </front>
<seriesInfo name="BCP" value="56"/> <seriesInfo name="BCP" value="56"/>
<seriesInfo name="RFC" value="9205"/> <seriesInfo name="RFC" value="9205"/>
<seriesInfo name="DOI" value="10.17487/RFC9205"/> <seriesInfo name="DOI" value="10.17487/RFC9205"/>
</reference> </reference>
</referencegroup> </referencegroup>
<reference anchor="REST-IoT"> <reference anchor="RFC9334" target="https://www.rfc-editor.org/info/rfc9
334" quoteTitle="true" derivedAnchor="RATS-ARCH">
<front>
<title>Remote ATtestation procedureS (RATS) Architecture</title>
<author fullname="H. Birkholz" initials="H." surname="Birkholz"/>
<author fullname="D. Thaler" initials="D." surname="Thaler"/>
<author fullname="M. Richardson" initials="M." surname="Richardson"/
>
<author fullname="N. Smith" initials="N." surname="Smith"/>
<author fullname="W. Pan" initials="W." surname="Pan"/>
<date month="January" year="2023"/>
<abstract>
<t indent="0">In network protocol exchanges, it is often useful fo
r one end of a communication to know whether the other end is in an intended ope
rating state. This document provides an architectural overview of the entities i
nvolved that make such tests possible through the process of generating, conveyi
ng, and evaluating evidentiary Claims. It provides a model that is neutral towar
d processor architectures, the content of Claims, and protocols.</t>
</abstract>
</front>
<seriesInfo name="RFC" value="9334"/>
<seriesInfo name="DOI" value="10.17487/RFC9334"/>
</reference>
<reference anchor="I-D.irtf-t2trg-rest-iot" target="https://datatracker.
ietf.org/doc/html/draft-irtf-t2trg-rest-iot-16" quoteTitle="true" derivedAnchor=
"REST-IoT">
<front> <front>
<title>Guidance on RESTful Design for Internet of Things Systems</ti tle> <title>Guidance on RESTful Design for Internet of Things Systems</ti tle>
<author fullname="Ari Keränen" initials="A." surname="Keränen"> <author fullname="Ari Keränen" initials="A." surname="Keränen">
<organization>Ericsson</organization> <organization showOnFrontPage="true">Ericsson</organization>
</author> </author>
<author fullname="Matthias Kovatsch" initials="M." surname="Kovatsch "> <author fullname="Matthias Kovatsch" initials="M." surname="Kovatsch ">
<organization>Siemens</organization> <organization showOnFrontPage="true">Siemens</organization>
</author> </author>
<author fullname="Klaus Hartke" initials="K." surname="Hartke"> <author fullname="Klaus Hartke" initials="K." surname="Hartke"/>
</author> <date day="23" month="April" year="2025"/>
<date day="21" month="October" year="2024"/>
<abstract> <abstract>
<t> This document gives guidance for designing Internet of Thing <t indent="0">This document gives guidance for designing Internet
s (IoT) of Things (IoT) systems that follow the principles of the Representational State
systems that follow the principles of the Representational State Transfer (REST) architectural style. This document is a product of the IRTF Thi
Transfer (REST) architectural style. This document is a product of ng-to-Thing Research Group (T2TRG).</t>
the IRTF Thing-to-Thing Research Group (T2TRG).
</t>
</abstract> </abstract>
</front> </front>
<seriesInfo name="Internet-Draft" value="draft-irtf-t2trg-rest-iot-15" <seriesInfo name="Internet-Draft" value="draft-irtf-t2trg-rest-iot-16"
/> />
<refcontent>Work in Progress</refcontent>
</reference> </reference>
<reference anchor="TAG"> <reference anchor="RFC4151" target="https://www.rfc-editor.org/info/rfc4 151" quoteTitle="true" derivedAnchor="TAG">
<front> <front>
<title>The 'tag' URI Scheme</title> <title>The 'tag' URI Scheme</title>
<author fullname="T. Kindberg" initials="T." surname="Kindberg"/> <author fullname="T. Kindberg" initials="T." surname="Kindberg"/>
<author fullname="S. Hawke" initials="S." surname="Hawke"/> <author fullname="S. Hawke" initials="S." surname="Hawke"/>
<date month="October" year="2005"/> <date month="October" year="2005"/>
<abstract> <abstract>
<t>This document describes the "tag" Uniform Resource Identifier ( URI) scheme. Tag URIs (also known as "tags") are designed to be unique across sp ace and time while being tractable to humans. They are distinct from most other URIs in that they have no authoritative resolution mechanism. A tag may be used purely as an entity identifier. Furthermore, using tags has some advantages over the common practice of using "http" URIs as identifiers for non-HTTP-accessible resources. This memo provides information for the Internet community.</t> <t indent="0">This document describes the "tag" Uniform Resource I dentifier (URI) scheme. Tag URIs (also known as "tags") are designed to be uniqu e across space and time while being tractable to humans. They are distinct from most other URIs in that they have no authoritative resolution mechanism. A tag m ay be used purely as an entity identifier. Furthermore, using tags has some adva ntages over the common practice of using "http" URIs as identifiers for non-HTTP -accessible resources. This memo provides information for the Internet community .</t>
</abstract> </abstract>
</front> </front>
<seriesInfo name="RFC" value="4151"/> <seriesInfo name="RFC" value="4151"/>
<seriesInfo name="DOI" value="10.17487/RFC4151"/> <seriesInfo name="DOI" value="10.17487/RFC4151"/>
</reference> </reference>
</references> </references>
</references> </references>
<?line 646?> <section numbered="false" anchor="acknowledgments" removeInRFC="false" toc="
include" pn="section-appendix.a">
<section numbered="false" anchor="acknowledgments"> <name slugifiedName="name-acknowledgments">Acknowledgments</name>
<name>Acknowledgments</name> <t indent="0" pn="section-appendix.a-1">Thank you <contact fullname="Carl
<t>Thank you Wallace"/>, <contact fullname="Carsten Bormann"/>, <contact fullname="Dave Thale
Carl Wallace, r"/>,
Carsten Bormann, <contact fullname="Deb Cooley"/>, <contact fullname="Éric Vyncke"/>,
Dave Thaler, <contact fullname="Francesca Palombini"/>, <contact fullname="Jouni
Deb Cooley, Korhonen"/>, <contact fullname="Kathleen Moriarty"/>, <contact fullname="Michael
Éric Vyncke, Richardson"/>, <contact fullname="Murray Kucherawy"/>,
Francesca Palombini, <contact fullname="Orie Steele"/>, <contact fullname="Paul Howard"/>,
Jouni Korhonen, <contact fullname="Roman Danyliw"/>, and <contact fullname="Tim Holl
Kathleen Moriarty, ebeek"/> for your comments and suggestions.</t>
Michael Richardson, </section>
Murray Kucherawy, <section anchor="authors-addresses" numbered="false" removeInRFC="false" toc
Orie Steele, ="include" pn="section-appendix.b">
Paul Howard, <name slugifiedName="name-authors-addresses">Authors' Addresses</name>
Roman Danyliw <author initials="L." surname="Lundblade" fullname="Laurence Lundblade">
and <organization showOnFrontPage="true">Security Theory LLC</organization>
Tim Hollebeek <address>
for your comments and suggestions.</t> <email>lgl@securitytheory.com</email>
</address>
</author>
<author initials="H." surname="Birkholz" fullname="Henk Birkholz">
<organization abbrev="Fraunhofer SIT" showOnFrontPage="true">Fraunhofer
Institute for Secure Information Technology</organization>
<address>
<postal>
<street>Rheinstrasse 75</street>
<city>Darmstadt</city>
<code>64295</code>
<country>Germany</country>
</postal>
<email>henk.birkholz@ietf.contact</email>
</address>
</author>
<author initials="T." surname="Fossati" fullname="Thomas Fossati">
<organization showOnFrontPage="true">Linaro</organization>
<address>
<email>thomas.fossati@linaro.org</email>
</address>
</author>
</section> </section>
</back> </back>
<!-- ##markdown-source:
H4sIAAAAAAAAA+1c63IbN5b+j6fA0FUjKWJTluSbuJupyLrEcmRLJdLxj0wy
ArtBsq1mgwN0S+ZIyv99i32WmRfb7wDoG0VdbGd2NykrVZGaDRwcnOt3DkAH
QcDOu3yTsSzOEtnle9t9/kZGseD92VQaJgYDLc9vfh6pMBUTTIi0GGZBLLNh
oEVmAimyYEIDgwwDg/UNZvLBJDYmVilN7fKDvf4+C0UmR0rPutxkEWPxVHd5
pnOTbTx+vPV4gwktRZe3ejLMdZzNWuxC6bORVvkUn57Iicok3+5n0mQiA2V+
rFUoo1zLXoudyRlGR5bpNrfMcGKGMYxOo7+JRKXgY4ZtTOMu/ylTYZsbpTMt
hwZ/zSb0x8+MiTwbK91lPOBxarr8sMMP8zQaJCKSjHPuJHAosGwayuY7pUci
jf9huevyYh+8P5bYNT883KFBciLipMuTUfKd8SMyO6ATqkm57KsOfxnrs7FK
/lGt+kqmZ42PsWCX72uRp2M1lJofpAY6zSGnodKOAYkP8TBxIuvLcJyqRI1m
NL1QdI1C76BfY3KMBTsDv+B3pHAwmWYizGiQgfBk1uUnYwmeMy2Mkfz5U3oV
qgj8Lj17srH1dMl+gG12+a7QE+gjytyYPM3IGr6XYC+dlXvvd/i+MgYcV1vv
j9VEmPrnTWEfxqnQqsZ6Zid0hm7Cd4l938EkxlInjnMJLZO9wDyD3U7DnPHi
9Xu8ONnfef50fQuPO/7xxebWBh7f7ez05uflYWjwyrqM9Rg74dmLzRc04eTA
Pm5uvXiGx1f9/rF93lpff0yr9Y7eOvobT7fgG4XOHJMn2/1esK3DsZuyufkE
H758d3C4G7wPHKmXO8dPifDJXq8fHKhiUxrMZRuZHgUafhPEirbW3/7eEnqy
/nSdMZlmpBx83ts73CdX29/JxrFpMRYEAYyEVAuNs2MxS5SIDM+NjKAqXvhk
tsAnDZ+IGdfy73kMGxQph3WoMEYIiJx7MnJPa6cw/1jDHNJzORNwqrb9VH4U
k2ki+QWMsFoRuxvmCd8+PjAdxvpgE9QmikdyGKe0aOn5hmeKD6SbSgT37D4b
3PbVmUwNX4YRrHTcdidxFCUIG4/gN5lWUR7SyE/e/OVlqbPr6zlRsHlR8C8Q
BSNR8OXLy2E8CsQ0Dkx0fU2b+fXXX7kQ5nzEOkHzp8OLn86iD+dfsCvsNZnF
6YgfCw0JXpXDrvz2ETiuGvOv+I9Sx8OYXrClYLWx/lI5bIkeV+c+LF+4lxQ+
msTnfq748VGvz9fOacXZ/Mv7Z0P5y3vncUTxfOUTZzc31vz5ywPWXvSDbMiP
fngI5zZ6Ldct8ESaPMnMygNm/+cdrK8unO3ETAnyHtLsPubunX0nc/evvfF4
ne8ATZCHzQ+4b/bdKn3Ivm8f8O+cDX9nl13+qIoDHN5KECoQSTxKv22FiPRS
tyhJWuT3bWvHBhrybIpWFHdCOc1ykSAuIW+OEMh8pLERF7GHxkKvrevfKPi6
2MsuL/ELgXJaRNk4jeRU4n9plsy4GlJkdEzuVEy+cUwSjxfjOBzToBkDloiH
WIWeJkYm59IguAGEcTX4IEPKqTy2DI7oz6lWAIMqadMWEZ0htuk0iUPLJIuk
geykNlzwNJ8MENDADEwrisGXOAfWEINE2nla5sY+1OWAzSObA/gCInjhBQNh
bOivROzi/jBRF2ZhyKeZlOchqHrah8QwdkdtH1PC8Zn/+hrR/9EjuJtNOBOI
0ACwpqMcq3m1Acrn9IIUZKxsYRkTY7fhrcB4tdpk00hnRN4WB64sYC73UBFg
twym4iTJCTVknriJP9oJF5QAHbJxa43VhVUaZJdgNJTCpIAiFT7U0FphF4WF
DVWuvTVM+DIwWZtwmiW1K4FLx2CXFnoJWJ6QYbAYKxG4smN2Xh6dQMriHGTM
SpusJoGhXF4SnKstQ492wrvXO71GLp1zu45Pkc0PVu28u6JYNcN5tct3S/yO
n6u5KQ/4uTHFs/ugKas+2FpZ3LqVzs1V7t3L1afvZcGUTnD3Zq4W7MUaS7mZ
G1NvruJxyFK55OrcvHv2coU0NJsi1NTWvG8vS26VpRqRhXvZqe9lTtxX9+6l
8UPrr9r/FtjmHT/YXiLiiQl6MiPGbky9XUlLgdvmasHTzR2+fPc2eH2btq74
LxV/55+mNiudBn9369BHk5qs/fwrvhuPKNV8okZp2Hnj1cLN79SX/KWc2ynE
5qg/QM91xE6tGRU5ykv3q7p6UWLyatb5/bPo55f5EuSmPcyVD6g53lJdEQUO
JdwEZY1PlthS8+0Sm4/UZUnTaTy556YZHMoRkIfo2tKCSjpjLH9X/D3lr/1J
5h93dncPa+KfF9RSQ2qNx6UGXCtT5/2IrUy7hMAe8e1ag46qMzGRVIxZxIWR
4H4YJ5Sj6SmmnMsVYJXNbcNEfowJrriETBhJ8XgCPEQAiRbGUC0GcQLk1kaS
7ElbC/NnDBm4mZcpyXvcwN1LwlV2bdAt2MD2PCRERMRwgghI0TR5WvBOtERG
s1F6W9zlIIkBXsETiAtupjJEcRnW1+GptHQZfBUDqelHwEVpPNFy1YYyCZb2
K4zVtdx7cEfTbDWuhiy0sa3tsaVBeQm1GAdenczaDt3k06nSVGsQVhQZNd0M
oAgAXpvLLOzYUsiwUGg9IxXEKSAgFipYp9ozc9Wyg3pE9RRW8Tc/4pRbXviy
kZJVinjS2exs8EIZKx7lnosklwVkXkQFdiBjAljUizg62CUMKahBZTsqTfha
w4BZAzjGaZjkkXQWRdwAjzcWY6VKnUZDjBxU6p/EWruGx0IePfswkNQ44ZIJ
kyQ/TlUpo7r+hQX8FsQnYkabSwhO2w+0yp1poVaJzVRk4ZiVpUYEpw6pysBb
a4qOYFBa2dTFAHB7AbGBFB+Lc8uC4iZVakoA382lJg/lg4GKYl92kNBsEQGG
jCJi1GugeoIkq4MR+QBkAoNgJhSunLAmaGaIgBMnvQnx7B0tTqE70oH8mMnU
xM5DvR04I2DyI7j3hdZAOnmBjODwqQwLNkWXZ4qajVidiq0BDSAGa210eBGK
JQQNrSaWCaph+LLsjDptflqrmNagzNXwIls55YMZn6ppnrjCB5NYU9OVgZBc
fQzRWkLhaURTvG2+OzmEZb6nSqgRKmIypXPolTbpDYa2VeupxVW/juolvkzl
mPf7drUsFcIQZRZQHG3ZINDaDimatfgYtZ601YKNDaWD2WjKxMCohBrucB/q
wtVck1jCp3BMFyZOS8YDS+GUxm9PqcpFebRNEcfVdCtVVXb691xRFkSkhEBO
uUxDRaJBXIHku4z95abwP1xk/8Frgv62lYlRV/oOV6fY/cbjjY3WKWN0ZoAt
tl2pOe9VLmdAEX4PGaXjig++HHdkp104BrPsmpW6s9/FajjP6kZna2urs37q
SkzHqXFRqaiIbTVKWdM2tOFwC+rN3LYFfCKar8bLmEL8i1pDohARF4ZfyCSh
36kcqSwuLZgLaxWiSpvMG16dkLaNLl83jrNsGvhaH5t6e9Tf6/Klvy7xBG7P
LzRkQsSRmaglz18839pgzLXawjEcUqYjGTinMHLtfH0NtkEWv7a+sfnk6bPn
L7YeW9teW++ss1fKZF1+7nuvha6Zs+Uuv1f+1lSEfmLiup2st1jdQW6h89c5
IPRAE2TsJ1uXB9amfP1+sfbQ6fznBpQqjKLES95qbA/L9aQd3zYvLPt4veL6
WbcamZn+ZkbmbMN8iXEU2vad4t9EN4t0/lDFLJi7UCtm+mCtOGu3ajlAJFGI
0yESDvAUhCxGNtpeXva3vye9OPQ0K1y0FroIccWUW22sRk6EZOKsyiA2zJTn
tJCjATFtOTH88pGRISFPMPGmpl6VIkn6NA60krtmp1+ZgIJVeaWFjkVl9abi
BHbE/XGFTcsOOoTSpthIZKKR710ud41UCzq1HAmNitQQHrbwWUQgl8WmcaLk
MpbJ1JQPc20BX41DArEiTgBWO3wffzhAwyJgGgLneRLRwgpZ3hm7g9HFkTVH
9j2jg/Mc0BjinQIeQOhwCGlBjN2nhe5aGRMUTVZyBRGeGY80S2phXfTkU0Xj
j0iU7TmS4Yx8c5gnSceaBlQJ3AKModv1Xul8pgny0Kx+MAqpiygufB0OlD71
qqCUz83YSkEj8MiLWv3jMrtlqSgO7Km4A02RxF8J6TE2YW5DNRcDQo0W4IwF
HaYSeAHfvp5p+ZP6nbFIU5m0bP1WHQLSICvnomNszfZg++32nMnCY3/JVDCg
fDFBFRf9fPMTe/DL96I4U7rL4YSE47ScJgILXV7+mc6AIWoPjeBDNLxWHDk6
7lWKZO96zacUZk55L9N5SPVPxHszSOQj7+XDYfwRqiJuMcUHXFcDwI5j4woE
WZAwFQnjSBhLwnfJWeu2NVASe4Iosi4v/0Qrdmq3UirCgaNIocMVnxMSuyaY
Hup4UHS8q3P8mp6bRUwM6BbavrX3YtbEnkXkpPhD/TorLOrMezZ95KYeejdU
kyks45q9pQsPrOua1e/loDgowfwVxlYd8zSABMbYiRxKexfF0GeXlxh2jYi1
VyC0ponQmAHdhZiR+zRr/AVD365tM7avxcjWfAdVnXpzqPVnpxAbdiSkWpj4
sKBQVbqmqOL9ARFthvdeHb073IWEka7E/IiG05KtoNRZ3kY0zwfFx64KqJWp
FrVqImfN9SYjfp5nvKh2Fy8H6d+SK2j/PSlrMeIFseJVseOuzNAge4L1/ns+
8QE3gR0g34nMuNs1So9QLWB1ujBVZaZtRCQU/0KMqmGMbdurSmsUNRB3aRWt
gBe1Xeiu61J8mfhY4e+VPiMuvqc7VtT8Ih3alceQfujoho4uh9drJ1zvZS65
Wfev3RJD2qyc7voWxxeRq6SGimp0YmHu6NB6eo3qna5t7JHUFSfH4Ve8L4Et
yCnp3oL3DdtRJPxCTfOrRRgJn5bRj5pdtchBCQIjEC8KKq8XUvlwL5UPJZVF
p1XW4W+QDQZ5anPTHbQjOQhoyB3E7RnYYuKUF+8hTkNq+3dnQjeIFVn0DmIY
UufUEnt9K7F7OCNiJWeENVN5UbuIyH0XNZFD1PEeer5FKq8b1rU14EUGcVIz
84ZVlwbRCNu2BZv62F1He6yXD7L6S78AhW57QhvVup/0Pl0TjB0VTbXmu1YN
fbfs4XmFd1Pu2gRVQxd1u+EWbeYOx8HHI5VRRyFCaJ2APHK4R6nW+6ueTNnl
IOAdANtQq4kOzykOltklvDW79BZiO5+kijC5VXYvF6SjmxOtZI4p3hsy76JD
5+4AWsLeUBAcKw34lrITQVy/pkBzihtMALPFnSX8uZdGSpui/1zGkeBHKxWP
/mmgvxoFwdLlqFj6xXw32jUw6WKl1VTRcrSxlMq45R7CPZ3f2z9oKXvyDWpl
AUlob/9m/rxVOuAKgv2zuwdJkVZTneAa7pSGbHIr6oG4uhv60PTkFJUSrLEV
sIUqR2/eHL0lgyYLDJ3QVVoNSFUq5xNW2EhY9oYwOybBGmf49TTjaCx01Q/3
uuqHL3PVD39YV30xiLNPdlRfkv3p5c7xxsbT/yPH/eq3v3e/rWDN7c5bwprP
995ymT+oC3/Ntl+99n/bay0qv9trLSr/Qq8lGn9Qr+1RpSroWwJUlpED/R78
96v7/u7dt6zQb3ffskL/AvctlvmDuu+nJF3DN62pPq8ODb4m36/e+9nee0/y
LVtiX+i9X5Pv/1M//urGvzs3tt/PKS5p7FvuGx5sHnI8Wh2VzFFyZ7PFt4jo
Ktv2MWuOMS269R0URyjuulY13t/DxaLF12v30vNYq9R+dYgt76iTvZXqdjGo
ncwfxoRKy6AKBNfXXTqQqV9M4eUjflvPvOIHuzfOaBafzAR0rPNyd71+FrBw
+If68I37htePVvyczQfN8ecSfs6Te+fUDkb8nKcPmtNc59ncnMvurScc8/qn
602QX6fzzN7Bdl/OE8Z+t612qdNM6RbAxtNnHbqHt2XvGTjbT9SI7hK40//A
yPDnuUd3r0DO3yuoLgsY6b9J/ejRP/87ePwEeStM8BusfcP3hE5m7kqDu25R
DNv0wzbtsHfTiA72dHnkXQzb8MM2bhn2jTdZWRw093qIWMs/HRiTy0frT35e
pptYpru2NoJr5AP6txjWqm/2X4zW3L95Yf+li2wtpmlmbf3JygpIv6E9Whn6
bjPJt+gc/5tWCatVwt9uFS/NdS/NdSvNE0nggJ+W93axbvMir7+uYkjAaThz
l0eQPmpsfSZXlqlvbOLf3XvJRYioNLM32Ef23/MwiM7IXnTXn873L3gL7tly
YhrYg88aDy8+j4cXjocDIAqN9EaW5cw8Rsg3+Yi+AGTTh111B5bsvo8ozuuL
P/+8xZ+vtEHE09j6PBpbtIEgCPhAhGf2WyPhGWSVyGjkIvxlN09dGpGRvQgp
0jM+Uzmzm3kvEroc1KYnUjB/SUElTduMtgjdCCREPMgBwo5K5KzN/vVfyKn8
x1kanmEesAA5YSiQQxI1QfUUt9lrlacx/0HpMRQJWj+IbJxIUH9DgtUZqLyJ
w7GQCT+h3zpCLMRnudZixn/IQ4ABcYFRRzqWvJdJmWCpY4Hs9UpdYHibnSiw
CT2ksyS+oMtorB9P8BYJfCDlGSOzndEXSiFF9y1Ze3Gl0ijiH/sf4IUahS5H
AAA=
</rfc> </rfc>
 End of changes. 202 change blocks. 
1015 lines changed or deleted 1100 lines changed or added

This html diff was produced by rfcdiff 1.48.