RFC Errata
RFC 9711, "The Entity Attestation Token (EAT)", April 2025
Source of RFC: rats (sec)
Errata ID: 8401
Status: Rejected
Type: Technical
Publication Format(s) : TEXT, PDF, HTML
Reported By: Muhammad Usama Sardar
Date Reported: 2025-05-01
Rejected by: Deb Cooley
Date Rejected: 2025-06-27
Section 1 says:
For attestation, the keys are associated with specific devices and are configured by device manufacturers.
It should say:
The quoted text is inaccurate and just an opinion of the editors. It should preferably be removed from the RFC.
Notes:
In SGX, the keys are not configured by the manufacturer alone. The platform owner can provide a random value called OWNER_EPOCH.
See this for technical details: https://mailarchive.ietf.org/arch/msg/rats/4V2zZHhk5IuxwcUMNWpPBpnzpaM/
--VERIFIER NOTES--
Incorrectly specified errata. The corrected text is not actually correct.