<?xml version='1.0' encoding='UTF-8'?>

<!DOCTYPE rfc [
  <!ENTITY nbsp    "&#160;">
  <!ENTITY zwsp   "&#8203;">
  <!ENTITY nbhy   "&#8209;">
  <!ENTITY wj     "&#8288;">
]>

<rfc xmlns:xi="http://www.w3.org/2001/XInclude" ipr="trust200902" docName="draft-ietf-rats-msg-wrap-23" number="9999" updates="" obsoletes="" xml:lang="en" category="std" consensus="true" submissionType="IETF" tocInclude="true" sortRefs="true" symRefs="true" version="3">

  <front>
    <title abbrev="RATS CMW">Remote ATtestation procedureS (RATS) Conceptual Message Wrapper (CMW)</title>
    <seriesInfo name="RFC" value="9999"/>
    <author initials="H." surname="Birkholz" fullname="Henk Birkholz">
      <organization>Fraunhofer SIT</organization>
      <address>
        <email>henk.birkholz@ietf.contact</email>
      </address>
    </author>
    <author initials="N." surname="Smith" fullname="Ned Smith">
      <organization>Independent</organization>
      <address>
        <email>ned.smith.ietf@outlook.com</email>
      </address>
    </author>
    <author initials="T." surname="Fossati" fullname="Thomas Fossati">
      <organization>Linaro</organization>
      <address>
        <email>thomas.fossati@linaro.org</email>
      </address>
    </author>
    <author initials="H." surname="Tschofenig" fullname="Hannes Tschofenig">
      <organization abbrev="UniBw M.">University of the Bundeswehr Munich</organization>
      <address>
	  <postal>
             <street>Werner-Heisenberg-Weg 39</street>
	    <extaddr>Institute of Distributed Intelligent Systems</extaddr>
          <city>Neubiberg</city>
          <code>85577</code>
          <country>Germany</country>
         </postal>
        <email>Hannes.Tschofenig@gmx.net</email>
      </address>
    </author>

    <date year="2026" month="July"/>

    <area>SEC</area>
    <workgroup>rats</workgroup>

    <keyword>evidence</keyword>
    <keyword>attestation results</keyword>
    <keyword>endorsements</keyword>
    <keyword>reference values</keyword>

    <abstract>
      <t>The conceptual messages introduced by the Remote ATtestation procedureS (RATS) architecture (RFC 9334) are protocol-agnostic data units that are conveyed between RATS roles during RATS interactions.
Conceptual messages describe the meaning and function of such data units within RATS data flows without specifying a wire format, encoding, transport mechanism, or processing details.
The initial set of conceptual messages is defined in Section 8 of RFC 9334 and includes Evidence, Attestation Results, Endorsements, Reference Values, and Appraisal Policies.</t>
      <t>This document introduces the Conceptual Message Wrapper (CMW) that provides a common structure to encapsulate these messages.
      It defines a dedicated Concise Binary Object Representation (CBOR) tag, corresponding JSON Web Token (JWT) and CBOR Web Token (CWT) claims, and an X.509 extension.</t>

      <t>Together, these mechanisms allow CMWs to be used in CBOR-based protocols, web APIs using JWTs and CWTs, and PKIX artifacts such as X.509 certificates.
Additionally, this document defines media types and CoAP Content-Formats that may be used to identify CMWs when transported over protocols such as HTTP, MIME, and CoAP.</t>
      <t>The goal is to improve the interoperability and flexibility of remote attestation protocols. Introducing a shared message format such as CMW enables consistent support for different attestation message types, enables the evolution of message serialization formats without breaking compatibility, and avoids the need to redefine how messages are handled within each protocol.</t>
    </abstract>

  </front>
  <middle>
    <?line 115?>

<section anchor="introduction">
      <name>Introduction</name>
      <t>The conceptual messages introduced by the Remote ATtestation procedureS (RATS) architecture <xref target="RFC9334"/> are protocol-agnostic data units that are conveyed between RATS roles during RATS interactions.
Conceptual messages describe the meaning and function of such data units within RATS data flows without specifying a wire format, encoding, transport mechanism, or processing details.
The initial set of conceptual messages is defined in <xref section="8" sectionFormat="of" target="RFC9334"/> and includes Evidence, Attestation Results, Endorsements, Reference Values, and Appraisal Policies.</t>
<t>Each conceptual message can have multiple claim-encoding and serialization
formats (<xref section="9" sectionFormat="of" target="RFC9334"/>). Throughout their lifetime, RATS
conceptual messages are typically transported over different protocols.
For example:</t>
      <ul spacing="normal">
        <li>
          <t>In a "background-check" topology (<xref section="5.2" sectionFormat="of" target="RFC9334"/>), Evidence (e.g., Entity Attestation Token (EAT) <xref target="RFC9711"/>) first flows from the Attester to the Relying Party (RP); then it flows from the RP to the Verifier and each leg following a separate protocol path. See <xref target="topo-1"/>.</t>
	  
	  <figure anchor="topo-1" align="left">
	    <name>Conveyance of RATS Conceptual Messages in the
          'background-check' Topology</name>
        <artset>
          <artwork type="svg" align="left"><svg xmlns="http://www.w3.org/2000/svg" version="1.1" height="192" width="344" viewBox="0 0 344 192" class="diagram" text-anchor="middle" font-family="monospace" font-size="13px" stroke-linecap="round">
              <path d="M 8,144 L 8,176" fill="none" stroke="black"/>
              <path d="M 112,144 L 112,176" fill="none" stroke="black"/>
              <path d="M 232,32 L 232,64" fill="none" stroke="black"/>
              <path d="M 232,144 L 232,176" fill="none" stroke="black"/>
              <path d="M 264,72 L 264,144" fill="none" stroke="black"/>
              <path d="M 336,32 L 336,64" fill="none" stroke="black"/>
              <path d="M 336,144 L 336,176" fill="none" stroke="black"/>
              <path d="M 232,32 L 336,32" fill="none" stroke="black"/>
              <path d="M 232,64 L 336,64" fill="none" stroke="black"/>
              <path d="M 8,144 L 112,144" fill="none" stroke="black"/>
              <path d="M 232,144 L 256,144" fill="none" stroke="black"/>
              <path d="M 272,144 L 336,144" fill="none" stroke="black"/>
              <path d="M 112,160 L 224,160" fill="none" stroke="black"/>
              <path d="M 240,160 L 248,160" fill="none" stroke="black"/>
              <path d="M 8,176 L 112,176" fill="none" stroke="black"/>
              <path d="M 232,176 L 336,176" fill="none" stroke="black"/>
              <path d="M 248,160 C 256.83064,160 264,152.83064 264,144" fill="none" stroke="black"/>
              <polygon class="arrowhead" points="272,72 260,66.4 260,77.6" fill="black" transform="rotate(270,264,72)"/>
              <polygon class="arrowhead" points="232,160 220,154.4 220,165.6" fill="black" transform="rotate(0,224,160)"/>
              <g class="text">
                <text x="284" y="52">Verifier</text>
                <text x="288" y="100">EAT</text>
                <text x="292" y="116">over</text>
                <text x="292" y="132">REST</text>
                <text x="328" y="132">API</text>
                <text x="60" y="164">Attester</text>
                <text x="316" y="164">RP</text>
                <text x="136" y="180">EAT</text>
                <text x="172" y="180">over</text>
                <text x="208" y="180">TLS</text>
              </g>
            </svg>
          </artwork>
          <artwork type="ascii-art" align="left"><![CDATA[
                            .------------.
                            |  Verifier  |
                            '------------'
                                ^
                                | EAT
                                | over
                                | REST API
.------------.              .---|--------.
|  Attester  +------------->|--'      RP |
'------------' EAT over TLS '------------']]></artwork>
        </artset>
      </figure></li>
        <li>
          <t>In a "passport" topology (<xref section="5.1" sectionFormat="of" target="RFC9334"/>), an attestation result payload (e.g., EAT Attestation Result (EAR) <xref target="I-D.ietf-rats-ear"/>) is initially sent from the Verifier to the Attester; later, it is sent via a different channel from the Attester to the RP.  See <xref target="topo-2"/>.</t>
      <figure anchor="topo-2" align="left">
	<name>Conveyance of RATS Conceptual Messages in the 'passport'
          Topology</name>
        <artset>
          <artwork type="svg" align="left"><svg xmlns="http://www.w3.org/2000/svg" version="1.1" height="208" width="344" viewBox="0 0 344 208" class="diagram" text-anchor="middle" font-family="monospace" font-size="13px" stroke-linecap="round">
              <path d="M 8,32 L 8,64" fill="none" stroke="black"/>
              <path d="M 8,144 L 8,176" fill="none" stroke="black"/>
              <path d="M 80,64 L 80,136" fill="none" stroke="black"/>
              <path d="M 112,32 L 112,64" fill="none" stroke="black"/>
              <path d="M 112,144 L 112,176" fill="none" stroke="black"/>
              <path d="M 232,144 L 232,176" fill="none" stroke="black"/>
              <path d="M 336,144 L 336,176" fill="none" stroke="black"/>
              <path d="M 8,32 L 112,32" fill="none" stroke="black"/>
              <path d="M 8,64 L 112,64" fill="none" stroke="black"/>
              <path d="M 8,144 L 112,144" fill="none" stroke="black"/>
              <path d="M 232,144 L 336,144" fill="none" stroke="black"/>
              <path d="M 112,160 L 224,160" fill="none" stroke="black"/>
              <path d="M 8,176 L 112,176" fill="none" stroke="black"/>
              <path d="M 232,176 L 336,176" fill="none" stroke="black"/>
              <polygon class="arrowhead" points="232,160 220,154.4 220,165.6" fill="black" transform="rotate(0,224,160)"/>
              <polygon class="arrowhead" points="88,136 76,130.4 76,141.6" fill="black" transform="rotate(90,80,136)"/>
              <g class="text">
                <text x="60" y="52">Verifier</text>
                <text x="56" y="84">EAR</text>
                <text x="52" y="100">over</text>
                <text x="20" y="116">REST</text>
                <text x="56" y="116">API</text>
                <text x="60" y="164">Attester</text>
                <text x="284" y="164">RP</text>
                <text x="136" y="180">EAR</text>
                <text x="172" y="180">over</text>
                <text x="208" y="180">TLS</text>
              </g>
            </svg>
          </artwork>
          <artwork type="ascii-art" align="left"><![CDATA[
 .------------.
 |  Verifier  |
 '--------+---'
      EAR |
     over |
 REST API |
          v
 .------------.              .------------.
 |  Attester  +------------->|     RP     |
 '------------' EAR over TLS '------------']]></artwork>
        </artset>
      </figure>
	</li>
      </ul>
      <t>By using the CMW format outlined in this document, protocol designers can avoid the need
to update protocol specifications to accommodate different conceptual messages and
serialization formats used by various attestation technologies. This approach streamlines
the implementation process for developers, enabling easier support for diverse attestation
technologies. For instance, an RP application implementer does not need to parse
attestation-related messages, such as Evidence from Attesters on Internet of Things (IoT) devices with Trusted
Platform Modules (TPMs) or servers using confidential computing hardware like Intel Trust
Domain Extensions (TDX). Instead, they can leverage the CMW format, remaining agnostic
to the specific attestation technology.</t>
      <t>A further design goal is extensibility.
This means that adding support for new conceptual messages and new attestation technologies should not change the core of the processor; it also means that a CMW stack can be designed to offer a plug-in interface for both encoding and decoding.
To achieve this, the format must provide consistent message encapsulation and explicit typing.
These features allow the selection of the appropriate message handler based on its type identifier.
An opaque message can then be passed between the core and the handler.</t>
      <t>This document defines two encapsulation formats for RATS conceptual
messages that aim to achieve the goals stated above.</t>
      <t>These encapsulation formats have been specifically designed to possess the following characteristics:</t>
      <ul spacing="normal">
        <li>
          <t>They are self-describing: they can convey precise typing information without relying on the framing provided by the embedding protocol or the storage system.</t>
        </li>
        <li>
          <t>They are based on media types <xref target="RFC6838"/>, which allows the cost of their registration to be spread across numerous usage scenarios.</t>
        </li>
      </ul>
      <t>A protocol designer could use these formats, for example, to:</t>
      <ul>
	<li>convey
Evidence, Endorsements, and Reference Values in certificates and Certificate Revocation List (CRL) 
	extensions <xref target="DICE-ARCH"/>;</li>
	<li>embed Attestation Results or Evidence as
first-class authentication credentials in TLS handshake messages
	<xref target="I-D.fossati-seat-early-attestation"/> <xref target="I-D.fossati-seat-expat"/>;</li>	
	<li>transport attestation-related payloads in RESTful APIs (where "RESTful" refers to the Representational State Transfer (REST) architecture); or</li>
	<li>serve as stable storage of Attestation Results in the form of file system
objects.</li></ul>
      <t>This document also defines a corresponding CBOR tag, JWT and CWT claims, and an X.509 extension.
These allow embedding the wrapped conceptual messages into CBOR-based protocols, web APIs, and PKIX formats and protocols.
In addition, media types and CoAP Content-Formats are defined for transporting CMWs in HTTP, MIME, CoAP, and other Internet protocols.</t>
    </section>
    <section anchor="conventions-and-definitions">
      <name>Conventions and Definitions</name>
        <t>
    The key words "<bcp14>MUST</bcp14>", "<bcp14>MUST NOT</bcp14>", "<bcp14>REQUIRED</bcp14>", "<bcp14>SHALL</bcp14>", "<bcp14>SHALL
    NOT</bcp14>", "<bcp14>SHOULD</bcp14>", "<bcp14>SHOULD NOT</bcp14>", "<bcp14>RECOMMENDED</bcp14>", "<bcp14>NOT RECOMMENDED</bcp14>",
    "<bcp14>MAY</bcp14>", and "<bcp14>OPTIONAL</bcp14>" in this document are to be interpreted as
    described in BCP&nbsp;14 <xref target="RFC2119"/> <xref target="RFC8174"/> 
    when, and only when, they appear in all capitals, as shown here.
        </t>
<t>In this document, Concise Data Definition Language (CDDL) (see <xref target="RFC8610"/>, <xref target="RFC9165"/>, and <xref target="RFC9741"/>) is used to describe the
data formats.</t>
      <t>The reader is assumed to be familiar with the vocabulary and concepts
defined in <xref target="RFC9334"/>.</t>
      <t>This document reuses the terms defined in <xref section="2" sectionFormat="of" target="RFC9193"/>
(e.g., "Content-Type").</t>
    </section>
    <section anchor="conceptual-message-wrappers">
      <name>Conceptual Message Wrappers</name>
      <t>A RATS CMW has a tree structure.
Leaf nodes are of type "Record" (<xref target="type-n-val"/>) or "Tag" (<xref target="cbor-tag"/>).
Intermediate nodes are of type "Collection" (<xref target="cmw-coll"/>); they hold together multiple CMW items.</t>
      <t>The following snippet outlines the productions associated with the top-level types.</t>
      <sourcecode type="cddl"><![CDATA[
start = cmw

cmw = json-cmw / cbor-cmw

json-cmw = json-record / json-collection
cbor-cmw = cbor-record / cbor-collection / $cbor-tag]]></sourcecode>

      <t>The complete CDDL can be found in <xref target="collected-cddl"/>.</t>
      <t>Sections <xref target="webtokens" format="counter"/> and <xref target="x509" format="counter"/> describe the transport of CMWs using CBOR, JWTs, and PKIX formats including Certificate Signing Requests (CSRs), X.509 certificates, and CRLs.</t>
      <t>This document only defines an encapsulation, not a security format.
It is the responsibility of the Attester to ensure that the CMW contents have the necessary security protection.
Security considerations are discussed in <xref target="seccons"/>.</t>
      <section anchor="type-n-val">
        <name>Record CMW</name>
        <t>The format of the Record CMW is shown in <xref target="fig-cddl-record"/>.
The JSON <xref target="STD90"/> and CBOR <xref target="STD94"/> representations are provided separately.
Both the <tt>json-record</tt> and <tt>cbor-record</tt> have the same fields, except for slight differences in the types discussed below.</t>
        <figure anchor="fig-cddl-record">
          <name>CDDL Definition of the Record CMW</name>
          <sourcecode type="cddl"><![CDATA[
json-record = [
  type: media-type
  value: base64url-string
  ? ind: uint .bits cm-type
]

cbor-record = [
  type: coap-content-format-type / media-type
  value: bytes
  ? ind: uint .bits cm-type
]]]></sourcecode>
        </figure>
        <t keepWithNext="true">Each contains two or three members:</t>
        <dl newline="true">
          <dt><tt>type</tt>:</dt>
          <dd>
            <t>Either a text string representing a Content-Type (e.g., an EAT media type
<xref target="RFC9782"/>) or an unsigned integer corresponding to a CoAP Content-Format
ID (<xref section="12.3" sectionFormat="of" target="RFC7252"/>).
The latter is not used in the JSON serialization.</t>
          </dd>
          <dt><tt>value</tt>:</dt>
          <dd>
            <t>The RATS conceptual message serialized according to the
value defined in the type member.
When using JSON, the value field <bcp14>MUST</bcp14> be encoded as Base64 using the URL and
filename-safe alphabet (<xref section="5" sectionFormat="of" target="RFC4648"/>) without padding.
This always applies, even if the conceptual message format is already textual (e.g., a JWT EAT).
When using CBOR, the value field <bcp14>MUST</bcp14> be encoded as a CBOR byte string.</t>
          </dd>
          <dt><tt>ind</tt>:</dt>
          <dd>
            <t>An optional bitmap with a maximum size of 4 bytes that indicates which conceptual message types are
carried in the <tt>value</tt> field.  Any combination (i.e., any value between
1 and 2<sup>32</sup>-1 inclusive) is allowed.  Only 5 bits are registered in this document, so the acceptable values are currently limited to 1 to 31.  This is useful only if the <tt>type</tt> is
potentially ambiguous and there is no further context available to the
CMW consumer to decide.  For example, this might be the case if the base
media type is not profiled (e.g., <tt>application/eat+cwt</tt>), if the <tt>value</tt>
field contains multiple conceptual messages with different types (e.g.,
both Reference Values and Endorsements within the same <tt>application/rim+cose</tt>), or if the same profile identifier is
shared by different conceptual messages.
The value <bcp14>MUST</bcp14> be non-zero. The absence of information about the conceptual message indicator is indicated by omitting the <tt>ind</tt> field entirely.
For further details, see <xref target="cm-type"/>.</t>
          </dd>
        </dl>
        <section anchor="cm-type">
          <name>Conceptual Message Type</name>
          <t>The <tt>cm-type</tt> type is the control type for the <tt>ind</tt> field.
As such, it indicates which bits are allowed to be set in the <tt>ind</tt> bitmap.</t>
          <figure anchor="fig-cddl-cm-type">
            <name>CDDL Definition of the CM Type</name>
            <sourcecode type="cddl"><![CDATA[
cm-type = &(
  reference-values: 0
  endorsements: 1
  evidence: 2
  attestation-results: 3
  appraisal-policy: 4
)]]></sourcecode>
          </figure>
          <t>The <tt>cm-type</tt> as defined by this document has five allowed values: Reference Values, Endorsements, Evidence, Attestation Results, and Appraisal Policy, as defined in <xref section="8" sectionFormat="of" target="RFC9334"/>.
Note that an Appraisal Policy may refer to the appraisal of Evidence or Attestation Results, depending on whether the consumer of the conceptual message is a Verifier or an RP.</t>
          <t>It is recommended that future specifications extending the RATS conceptual messages add new values to the <tt>cm-type</tt> using the process defined in <xref target="iana-ind-ext"/>.</t>
        </section>
      </section>
      <section anchor="cbor-tag">
        <name>Tag CMW</name>
        <t>Tag CMWs derive their tag numbers from a corresponding CoAP Content-Format ID using the <tt>TN()</tt> transform defined in <xref section="B" sectionFormat="of" target="RFC9277"/>.
Such CBOR tag numbers are in the range [1668546817, 1668612095].</t>
        <t>The RATS conceptual message is first serialized according to the Content-Format ID and then encoded as a CBOR byte string, to which the TN-derived tag number is prepended.</t>
        <t>The Tag CMW is defined in <xref target="fig-cddl-cbor-tag"/> using two different macros: one for CBOR-encoded types and the other for all other types.
Both macros take the CBOR tag number <tt>tn</tt> as a parameter.
The <tt>tag-cm-cbor</tt> macro takes the CDDL definition of the associated conceptual message <tt>fmt</tt> as a second parameter.</t>
        <figure anchor="fig-cddl-cbor-tag">
          <name>CDDL Definition of the Tag CMW Macros</name>
          <sourcecode type="cddl"><![CDATA[
tag-cm-cbor<tn, fmt> = #6.<tn>(bytes .cbor fmt)

tag-cm-data<tn> = #6.<tn>(bytes)]]></sourcecode>
        </figure>
        <section anchor="how-to-plug-in-a-new-tag-cmw">
          <name>How to Plug in a New Tag CMW</name>
          <t>To plug a new Tag CMW into the CDDL defined in <xref target="collected-cddl"/>, the <tt>$cbor-tag</tt> type socket must be extended with a new instance of the Tag CMW macro (i.e., one of <tt>tag-cm-cbor</tt> or <tt>tag-cm-data</tt>).</t>
          <t>For instance, if a conceptual message of type <tt>my-evidence</tt> has the TN-derived CBOR tag <tt>1668612069</tt>, <tt>$cbor-tag</tt> would be extended as follows:</t>
          <sourcecode type="cddl"><![CDATA[
$cbor-tag /= tag-cm-cbor<1668612069, my-evidence>

my-evidence = {
  &(eat_nonce: 10) => bytes .size (8..64)
}]]></sourcecode>

          <t>Instead, if a (non-CBOR) conceptual message has the TN-derived CBOR tag <tt>1668612070</tt>, <tt>$cbor-tag</tt> would be extended as follows:</t>

          <sourcecode type="cddl"><![CDATA[
$cbor-tag /= tag-cm-data<1668612070>]]></sourcecode>

          <t>The socket is initialized as described in <xref target="fig-9277-tags"/>.</t>
        </section>
      </section>
      <section anchor="cmw-coll">
        <name>Collection CMW</name>
        <t>Layered Attesters and composite devices (Sections <xref target="RFC9334" section="3.2" sectionFormat="bare"/> and <xref target="RFC9334" section="3.3" sectionFormat="bare"/> of <xref target="RFC9334"/>) generate Evidence that consists of multiple parts.
For example, in data center servers, it is not uncommon for separate attesting environments (AEs) to serve a subsection of the entire machine.
One AE might measure and attest to what was booted on the main CPU, while another AE might measure and attest to what was booted on a SmartNIC plugged into a PCI Express (PCIe) slot, and a third AE might measure and attest to what was booted on the machine's Graphics Processing Unit (GPU).
To allow aggregation of multiple, potentially non-homogeneous evidence formats collected from different AEs, this document defines a Collection CMW as a container that holds several CMW items, each with a label that is unique within the scope of the collection.</t>
        <t>Although originally designed to support layered Attester and composite device use cases, the Collection CMW can be adapted for other scenarios that require the aggregation of RATS conceptual messages.
For instance, collections may be used to group Endorsements, Reference Values, Attestation Results, and more.
A single Collection CMW can contain a mix of different message types; it can also be used to carry messages related to multiple devices simultaneously.</t>
        <t>The Collection CMW (<xref target="fig-cddl-collection"/>) is defined as a CBOR map or JSON object containing CMW values.
The position of a <tt>cmw</tt> entry in the <tt>cmw-collection</tt> is not significant.
Labels can be strings (or integers in the CBOR serialization) that serve as a mnemonic for different conceptual messages in the collection.</t>
        <figure anchor="fig-cddl-collection">
          <name>CDDL Definition of the Collection CMW</name>
          <sourcecode type="cddl"><![CDATA[
json-collection = {
  ? "__cmwc_t": ~uri / oid
  + &(label: text) => json-cmw
}

cbor-collection = {
  ? "__cmwc_t": ~uri / oid
  + &(label: (int / text)) => cbor-cmw
}]]></sourcecode>
        </figure>
        <t>A collection <bcp14>MUST</bcp14> have at least one CMW entry.</t>
        <t>The <tt>"__cmwc_t"</tt> key is reserved for associating an optional type with the overall collection and <bcp14>MUST NOT</bcp14> be used for any purpose other than described here.</t>
        <t>The value of the <tt>"__cmwc_t"</tt> key is either a Uniform Resource Identifier (URI) or an object identifier (OID).
The OID is always absolute and never relative.
The URI <bcp14>MUST</bcp14> be in the absolute form (<xref section="4.3" sectionFormat="of" target="RFC3986"/>).</t>
        <t>The <tt>"__cmwc_t"</tt> key functions similarly to an EAT profile claim (see <xref section="4.3.2" sectionFormat="of" target="RFC9711"/>) but at a higher level.
It can be used to indicate basics like CBOR serialization and CBOR Object Signing and Encryption (COSE) algorithms just as a profile in EAT does.
It provides a namespace in which the collection labels are interpreted.
At the higher level, it can be used to describe the allowed Collection CMW assembly (this is somewhat parallel to the way EAT profiles indicate which claims are required and/or allowed).
For an example of a <tt>"__cmwc_t"</tt> that is defined for a bundle of endorsements and reference values, see <xref section="4.3.1" sectionFormat="of" target="I-D.ietf-rats-corim"/>.</t>
        <t>Since the Collection CMW is recursive (a Collection CMW is itself a CMW), implementations <bcp14>MAY</bcp14> limit the allowed depth of nesting.</t>
	<aside>
            <t>Implementation note: An API that uses CMW may support a discoverable "max-cmw-depth" attribute, allowing applications to advertise their own limits.
Also, a protocol using CMW may require its users to specify a minimum depth.
The exact details of how such a limit is discovered or set are out of scope of this document.</t>
	</aside>
      </section>
      <section anchor="demuxing">
        <name>Demuxing</name>
        <t>The split in the JSON/CBOR decoding path is expected to occur via the media type or content format (see Sections <xref target="iana-mt" format="counter"/> and <xref target="iana-cf" format="counter"/>, respectively) or via the container context of the embedded CMW (see Sections <xref target="iana-cwt" format="counter"/> and <xref target="iana-jwt" format="counter"/> for CWT/JWT and <xref target="iana-smi"/> for X.509).</t>
        <t>The following pseudocode illustrates how a one-byte look-ahead is sufficient to determine how to decode the remaining byte buffer.</t>
        <sourcecode type="pseudocode"><![CDATA[
func exampleCMWTypeDemux(b []byte) CMWType {
  if len(b) == 0 {
    return Unknown
  }

  switch b[0] {
  case 0x82: // 2-elements cbor-record (w/o ind field)
  case 0x83: // 3-elements cbor-record (w/ ind field)
  case 0x9f: // start of cbor-record using indefinite-length encoding
    return CBORRecord
  case 0xda: // tag-cm-cbor (CBOR tag in the TN range)
    return CBORTag
  case 0x5b: // ASCII '[', start of json-record
    return JSONRecord
  case 0x7b: // ASCII '{', start of json-collection
    return JSONCollection
  case 0xa0..0xbb: // CBOR map start values, start of cbor-collection
  case 0xbf:       // ditto
    return CBORCollection
  }

  return Unknown
}]]></sourcecode>
        <t>This code is provided for informational purposes only.
It is not expected that implementations will follow this demuxing strategy.</t>
      </section>
    </section>
    <section anchor="crypto">
      <name>Cryptographic Protection of CMWs</name>
      <t>This section highlights a number of mechanisms through which protocol designers can add data origin authentication, integrity, and (if used with a challenge-response protocol) anti-replay protection when employing CMWs.
These properties must be evaluated carefully in the context of the overall security model of the protocol.</t>
      <section anchor="signed-cbor-cmw">
        <name>Signing CBOR CMW Using COSE_Sign1</name>
        <t>A CBOR CMW can be signed using COSE <xref target="RFC9052"/>.
A <tt>signed-cbor-cmw</tt> is a <tt>COSE_Sign1</tt> with the following layout:</t>
        <sourcecode type="cddl"><![CDATA[
signed-cbor-cmw = [
  protected: bytes .cbor signed-cbor-cmw-protected-hdr
  unprotected: signed-cbor-cmw-unprotected-hdr
  payload: bytes .cbor cbor-cmw
  signature: bytes
]]]></sourcecode>

        <t>The payload <bcp14>MUST</bcp14> be the CBOR-encoded Tag, Record, or Collection CMW.</t>

        <sourcecode type="cddl"><![CDATA[
signed-cbor-cmw-protected-hdr = {
  1 => int                            ; alg
  3 => "application/cmw+cbor" / 273   ; cty
  * cose.label => cose.values
}

signed-cbor-cmw-unprotected-hdr = {
  * cose.label => cose.values
}

cose.label = int / text
cose.values = any]]></sourcecode>


        <t>The protected header <bcp14>MUST</bcp14> include the signature algorithm identifier.
The protected header <bcp14>MUST</bcp14> include either the media type <tt>application/cmw+cbor</tt> or the CoAP Content-Format 273.
Other header parameters <bcp14>MAY</bcp14> be added to the header buckets, for example, a <tt>kid</tt> that identifies the signing key.</t>
      </section>
      <section anchor="signed-json-cmw">
        <name>Signing JSON CMW Using JWS</name>
        <t>A JSON CMW can be signed using JSON Web Signature (JWS) <xref target="RFC7515"/>.
A <tt>signed-json-cmw</tt> uses either the Flattened JSON Serialization (<xref section="7.2.2" sectionFormat="of" target="RFC7515"/>) or the Compact Serialization (<xref section="3.1" sectionFormat="of" target="RFC7515"/>).</t>

        <sourcecode type="cddl"><![CDATA[
signed-json-cmw = jws-flattened-json / jws-compact

jws-flattened-json = {
  "protected": protected
  ? "header": unprotected
  "payload": payload
  "signature": signature
}

jws-compact =
  (((protected .cat ".") .cat payload) .cat ".") .cat signature

protected = text .b64u (text .json signed-json-cmw-protected-hdr)
unprotected = text .b64u (text .json signed-json-cmw-unprotected-hdr)
payload = text .b64u (text .json json-cmw)
signature = text .b64u bytes]]></sourcecode>

        <t>The payload <bcp14>MUST</bcp14> be the JSON-encoded Record or Collection CMW.</t>

        <sourcecode type="cddl"><![CDATA[
signed-json-cmw-protected-hdr = {
  "alg": text
  "cty": "application/cmw+json"
  * text => text
}

signed-json-cmw-unprotected-hdr = {
  * text => text
}]]></sourcecode>

        <t>The protected header <bcp14>MUST</bcp14> include the signature algorithm identifier and the media type <tt>application/cmw+json</tt>.
Other header parameters <bcp14>MAY</bcp14> be added to the header buckets, for example, a <tt>kid</tt> that identifies the signing key.</t>
      </section>
      <section anchor="webtokens">
        <name>Transporting CMW in COSE and JSON Web Tokens</name>
        <t>To facilitate the embedding of CMWs in CBOR-based protocols and web APIs, this document defines two <tt>"cmw"</tt> claims for use with JWT and CWT.</t>
        <t>The definitions for these claims can be found in Sections <xref target="iana-jwt" format="counter"/> and <xref target="iana-cwt" format="counter"/>, respectively.</t>
        <section anchor="encoding-requirements">
          <name>Encoding Requirements</name>
          <t>A Collection CMW carried in a <tt>"cmw"</tt> JWT claim <bcp14>MUST</bcp14> be a <tt>json-collection</tt>.
A Collection CMW carried in a <tt>"cmw"</tt> CWT claim <bcp14>MUST</bcp14> be a <tt>cbor-collection</tt>.</t>
          <t>A Record CMW carried in a <tt>"cmw"</tt> JWT claim <bcp14>MUST</bcp14> be a <tt>json-record</tt>.
A Record CMW carried in a <tt>"cmw"</tt> CWT claim <bcp14>MUST</bcp14> be a <tt>cbor-record</tt>.</t>
        </section>
      </section>
      <section anchor="x509">
        <name>Transporting CMW in PKIX Formats</name>
        <t>CMW may need to be transported in PKIX formats, such as CSRs or in X.509 certificates and CRLs.</t>
        <t>The use of CMW in CSRs is documented in <xref target="I-D.ietf-lamps-csr-attestation"/>, while one of the possible applications in X.509 certificates and CRLs is detailed in Section 6.1 of <xref target="DICE-ARCH"/>.</t>
        <t>This section outlines the CMW extension designed to carry CMW objects.
<xref target="privcons"/> discusses some privacy considerations related to the transport of CMW in X.509 formats.</t>
        <t>The CMW extension <bcp14>MAY</bcp14> be included in X.509 certificates, CRLs <xref target="RFC5280"/>, and CSRs.</t>
        <t>The CMW extension <bcp14>MUST</bcp14> be identified by the following object identifier:</t>
        <sourcecode type="asn.1"><![CDATA[
id-pe-cmw  OBJECT IDENTIFIER ::=
        { iso(1) identified-organization(3) dod(6) internet(1)
          security(5) mechanisms(5) pkix(7) id-pe(1) 35 }]]></sourcecode>

        <t>This extension <bcp14>SHOULD NOT</bcp14> be marked critical.
In cases where the wrapped conceptual message is essential for granting resource access, and there is a risk that legacy RPs would bypass crucial controls, it is acceptable to mark the extension as critical.</t>
        <t>The CMW extension has the following syntax:</t>

        <sourcecode type="asn.1"><![CDATA[
CMW ::= CHOICE {
    json UTF8String,
    cbor OCTET STRING
}]]></sourcecode>

        <t>The CMW <bcp14>MUST</bcp14> include the serialized CMW object in either JSON or CBOR format, utilizing the appropriate CHOICE entry.</t>
        <t>The DER-encoded <xref target="X.690"/> CMW is the value of the OCTET STRING for the extnValue field of the extension.</t>
        <section anchor="asn1-x509">
          <name>ASN.1 Module</name>
          <t>This section provides an ASN.1 module <xref target="X.680"/> for the CMW extension, following the conventions established in <xref target="RFC5912"/> and <xref target="RFC6268"/>.</t>

          <sourcecode type="asn.1"><![CDATA[
CMWExtn
  { iso(1) identified-organization(3) dod(6) internet(1)
    security(5) mechanisms(5) pkix(7) id-mod(0)
    id-mod-cmw-extn(123) }

DEFINITIONS IMPLICIT TAGS ::=
BEGIN

IMPORTS
  EXTENSION
  FROM PKIX-CommonTypes-2009  -- RFC 5912
    { iso(1) identified-organization(3) dod(6) internet(1)
      security(5) mechanisms(5) pkix(7) id-mod(0)
      id-mod-pkixCommon-02(57) } ;

-- CMW Extension

ext-CMW EXTENSION ::= {
  SYNTAX CMW
  IDENTIFIED BY id-pe-cmw }

-- CMW Extension OID

id-pe-cmw  OBJECT IDENTIFIER  ::=
   { iso(1) identified-organization(3) dod(6) internet(1)
     security(5) mechanisms(5) pkix(7) id-pe(1) 35 }

-- CMW Extension Syntax

CMW ::= CHOICE {
    json UTF8String,
    cbor OCTET STRING
}

END]]></sourcecode>

        </section>
        <section anchor="compatibility-with-trusted-computing-group-tcg-conceptualmessagewrapper">
          <name>Compatibility with Trusted Computing Group (TCG) ConceptualMessageWrapper</name>
          <t>Section 6.1.8 of <xref target="DICE-ARCH"/> specifies the ConceptualMessageWrapper (CMW) format and its corresponding object identifier.
The CMW format outlined in <xref target="DICE-ARCH"/> permits only a subset of the CMW grammar defined in this document.
In particular, the collection format cannot be encoded using TCG CMWs.</t>
        </section>
      </section>
    </section>
    <section anchor="examples">
      <name>Examples</name>
      <t>The (equivalent) examples in Sections <xref target="ex-ja" format="counter"/>, <xref target="ex-ca" format="counter"/>, and <xref target="ex-ct" format="counter"/> assume that
the Media-Type-Name <tt>application/vnd.example.rats-conceptual-msg</tt> has been
registered alongside a corresponding CoAP Content-Format ID, <tt>64999</tt> <xref target="RFC9876"/>.  The
CBOR tag <tt>1668612070</tt> is derived applying the <tt>TN()</tt> transform as described in
<xref target="cbor-tag"/>.</t>
      <t>All the examples focus on the wrapping aspects.
The wrapped messages are not instances of real conceptual messages.</t>
      <section anchor="ex-ja">
        <name>JSON-Encoded Record</name>
        <sourcecode type="cbor-diag"><![CDATA[
[
  "application/vnd.example.rats-conceptual-msg",
  "I0faVQ"
]]]></sourcecode>

      </section>
      <section anchor="ex-ca">
        <name>CBOR-Encoded Record</name>
        <sourcecode type="cbor-diag"><![CDATA[
[
  64999,
  h'2347da55'
]]]></sourcecode>

        <t>with the following wire representation:</t>

        <sourcecode><![CDATA[
82             # array(2)
   19 fde7     # unsigned(64999)
   44          # bytes(4)
      2347da55 # "#G\xDAU"]]></sourcecode>
        <t>Note that a Media-Type-Name can also be used with the CBOR-encoded Record form,
for example, if it is known that the receiver cannot handle CoAP
Content-Formats, or (unlike the case in point) if a CoAP Content-Format
ID has not been registered.</t>

        <sourcecode type="cbor-diag"><![CDATA[
[
  "application/vnd.example.rats-conceptual-msg",
  h'2347da55'
]]]></sourcecode>

      </section>
      <section anchor="ex-ct">
        <name>CBOR-Encoded Tag CMW</name>

        <sourcecode type="cbor-diag"><![CDATA[
1668612070(h'2347da55')]]></sourcecode>

        <t>with the following wire representation:</t>

        <sourcecode><![CDATA[
da 6374ffe6    # tag(1668612070)
   44          # bytes(4)
      2347da55 # "#G\xDAU"]]></sourcecode>
      </section>
      <section anchor="ex-ca-ind">
        <name>CBOR-Encoded Record with an Explicit Conceptual Message Indicator</name>
        <t>This is an example of a signed CoRIM (Concise Reference Integrity Manifest) <xref target="I-D.ietf-rats-corim"/> with an explicit <tt>ind</tt> value of <tt>0b0000_0011</tt> (3), indicating that the wrapped message contains both Reference Values and Endorsements.</t>
        <sourcecode type="cbor-diag"><![CDATA[
[
  "application/rim+cose",
  h'd28440a044d901f5a040',
  3
]]]></sourcecode>

        <t>with the following wire representation (this example uses line wrapping per <xref target="RFC8792"/>):</t>
	

        <sourcecode><![CDATA[
=============== NOTE: '\' line wrapping per RFC 8792 ================

83                                      # array(3)
   74                                   # text(20)
      6170706c69636174696f6e2f72696d2b636f7365 # "application/rim+\
                                                                cose"
   4a                                   # bytes(10)
      d28440a044d901f5a040              # serialized CM value
   03                                   # unsigned(3)]]></sourcecode>
      </section>
      <section anchor="cbor-encoded-collection">
        <name>CBOR-Encoded Collection</name>
        <t>The following example is a CBOR-encoded Collection CMW that assembles conceptual messages from three Attesters: Evidence for Attesters A and B and Attestation Results for Attester C.
It is given an explicit <tt>"__cmwc_t"</tt> using the URI form.</t>
        <sourcecode><![CDATA[
{
  "__cmwc_t": "tag:example.com,2024:composite-attester",
  / attester A / 0: [
    64999,
    h'2347da55',
    4
  ],
  / attester B / 1: 1668612070(h'2347da55'),
  / attester C / 2: [
    "application/eat+jwt",
    h'2e2e2e',
    8
  ]
}]]></sourcecode>
      </section>
      <section anchor="json-encoded-collection">
        <name>JSON-Encoded Collection</name>
        <t>The following example is a JSON-encoded Collection CMW that assembles Evidence from two Attesters.</t>
        <sourcecode><![CDATA[
{
  "__cmwc_t": "tag:example.com,2024:another-composite-attester",
  "attester A": [
    "application/eat-ucs+json",
    "e30K",
    4
  ],
  "attester B": [
    "application/eat-ucs+cbor",
    "oA",
    4
  ]
}]]></sourcecode>
      </section>
      <section anchor="use-in-jwt">
        <name>Use in JWT</name>
        <t>The following example shows the use of the <tt>"cmw"</tt> JWT claim to transport a Collection CMW in a JWT Claims Set <xref target="RFC7519"/>:</t>
        <sourcecode type="json"><![CDATA[
{
  "cmw": {
    "__cmwc_t": "tag:example.com,2024:another-composite-attester",
    "attester A": [
      "application/eat-ucs+json",
      "e30K",
      4
    ],
    "attester B": [
      "application/eat-ucs+cbor",
      "oA",
      4
    ]
  },
  "iss": "evidence collection daemon",
  "exp": 1300819380
}]]></sourcecode>
      </section>
    </section>
    <section anchor="collected-cddl">
      <name>Collected CDDL</name>
      <t>This section contains all the CDDL definitions included in this specification.</t>
      <sourcecode type="cddl"><![CDATA[
start = cmw

cmw = json-cmw / cbor-cmw

json-cmw = json-record / json-collection
cbor-cmw = cbor-record / cbor-collection / $cbor-tag

json-record = [
  type: media-type
  value: base64url-string
  ? ind: uint .bits cm-type
]

cbor-record = [
  type: coap-content-format-type / media-type
  value: bytes
  ? ind: uint .bits cm-type
]

tag-cm-cbor<tn, fmt> = #6.<tn>(bytes .cbor fmt)

tag-cm-data<tn> = #6.<tn>(bytes)

json-collection = {
  ? "__cmwc_t": ~uri / oid
  + &(label: text) => json-cmw
}

cbor-collection = {
  ? "__cmwc_t": ~uri / oid
  + &(label: (int / text)) => cbor-cmw
}

media-type = text .abnf ("Content-Type" .cat Content-Type-ABNF)
base64url-string = text .regexp "[A-Za-z0-9_-]+"

coap-content-format-type = uint .size 2

oid = text .regexp "([0-2])((\\.0)|(\\.[1-9][0-9]*))*"

cm-type = &(
  reference-values: 0
  endorsements: 1
  evidence: 2
  attestation-results: 3
  appraisal-policy: 4
)

Content-Type-ABNF = '

Content-Type   = Media-Type-Name *( *SP ";" *SP parameter )
parameter      = token "=" ( token / quoted-string )

token          = 1*tchar
tchar          = "!" / "#" / "$" / "%" / "&" / "\'" / "*"
               / "+" / "-" / "." / "^" / "_" / "`" / "|" / "~"
               / DIGIT / ALPHA
quoted-string  = %x22 *( qdtext / quoted-pair ) %x22
qdtext         = SP / %x21 / %x23-5B / %x5D-7E
quoted-pair    = "\\" ( SP / VCHAR )

Media-Type-Name = type-name "/" subtype-name

type-name = restricted-name
subtype-name = restricted-name

restricted-name = restricted-name-first *126restricted-name-chars
restricted-name-first  = ALPHA / DIGIT
restricted-name-chars  = ALPHA / DIGIT / "!" / "#" /
                         "$" / "&" / "-" / "^" / "_"
restricted-name-chars =/ "." ; Characters before first dot always
                             ; specify a facet name
restricted-name-chars =/ "+" ; Characters after last plus always
                             ; specify a structured syntax suffix

DIGIT     =  %x30-39           ; 0 - 9
POS-DIGIT =  %x31-39           ; 1 - 9
ALPHA     =  %x41-5A / %x61-7A ; A - Z / a - z
SP        =  %x20
VCHAR     =  %x21-7E           ; printable ASCII (no SP)
'

signed-cbor-cmw = [
  protected: bytes .cbor signed-cbor-cmw-protected-hdr
  unprotected: signed-cbor-cmw-unprotected-hdr
  payload: bytes .cbor cbor-cmw
  signature: bytes
]

signed-cbor-cmw-protected-hdr = {
  1 => int                            ; alg
  3 => "application/cmw+cbor" / 273   ; cty
  * cose.label => cose.values
}

signed-cbor-cmw-unprotected-hdr = {
  * cose.label => cose.values
}

cose.label = int / text
cose.values = any


signed-json-cmw = jws-flattened-json / jws-compact

jws-flattened-json = {
  "protected": protected
  ? "header": unprotected
  "payload": payload
  "signature": signature
}

jws-compact =
  (((protected .cat ".") .cat payload) .cat ".") .cat signature

signed-json-cmw-protected-hdr = {
  "alg": text
  "cty": "application/cmw+json"
  * text => text
}

signed-json-cmw-unprotected-hdr = {
  * text => text
}

protected = text .b64u (text .json signed-json-cmw-protected-hdr)
unprotected = text .b64u (text .json signed-json-cmw-unprotected-hdr)
payload = text .b64u (text .json json-cmw)
signature = text .b64u bytes

$cbor-tag /= tag-cm-cbor<1668547091, cbor-collection>
$cbor-tag /= tag-cm-cbor<1668547092, signed-cbor-cmw>

$cbor-tag /= tag-cm-data<1668547093> ; bytes(cmw+json collection)
$cbor-tag /= tag-cm-data<1668547094> ; bytes(cmw+jws)]]></sourcecode>

    </section>
    <section anchor="privcons">
      <name>Privacy Considerations</name>
      <t>The privacy considerations outlined in <xref section="11" sectionFormat="of" target="RFC9334"/> are fully applicable.
In particular, when a CMW contains Personally Identifiable Information (PII), which is the case for Evidence and sometimes for other conceptual messages as well, care must be taken to prevent unintended recipients from accessing it.
Generally, utilizing secure channels between the parties exchanging CMWs can help address or mitigate these concerns.
A specific scenario arises when a public key certificate is issued based on Evidence information provided by the certificate requestor to the issuing Certification Authority (CA).
For instance, an individual seeking a publicly trusted code signing certificate may be willing to disclose the details of the hardware where their code signing keys are stored (e.g., a Hardware Security Module (HSM) model, patch level, etc.).
However, they likely do not want this information to be publicly accessible.
Applications that intend to publicly "broadcast" Evidence claims received from a third party via X.509 certificates should define a certification practice statement <xref target="RFC3647"/> that clearly specifies the circumstances under which the CA can include such data in the issued certificate.
Note that the aforementioned consideration does not apply to cases where X.509 certificates are explicitly designed as a security envelope for Evidence claims, such as in <xref target="DICE-ARCH"/>.</t>
    </section>
    <section anchor="seccons">
      <name>Security Considerations</name>
      <t>The security considerations discussed in <xref section="12.2" sectionFormat="of" target="RFC9334"/> concerning the protection of conceptual messages are fully applicable.
The following subsections provide further elaboration on these points, particularly in relation to Collection CMWs.</t>
      <section anchor="cmw-protection">
        <name>CMW Protection</name>
        <t>Record, Tag, and Collection CMWs alone do not offer authenticity, integrity protection, or confidentiality.
It is the responsibility of the designer for each use case to determine the necessary security properties and implement them accordingly.</t>
        <t>RATS conceptual messages are typically secured using cryptography.
If the messages are already protected, no additional security requirements are imposed by this encapsulation.
If an adversary attempts to modify the payload encapsulation, it will result in incorrect processing of the encapsulated message, leading to an error.
If the messages are not protected, additional security must be added at a different layer.
For example, a <tt>cbor-record</tt> containing an Unprotected CWT Claims Set (UCCS) <xref target="RFC9781"/> can be signed as described in <xref target="signed-cbor-cmw"/>.</t>
        <t><xref target="crypto"/> describes a number of methods that can be used to add cryptographic protection to CMW.</t>
      </section>
      <section anchor="seccons-coll">
        <name>Using Collection CMWs for Evidence of Composite or Layered Devices</name>
        <t>When a Collection CMW is used to encapsulate Evidence for composite or layered attestation of a single device, all Evidence messages within the CMW <bcp14>MUST</bcp14> be cryptographically bound together to prevent an attacker from replacing Evidence from a compromised device with that from a non-compromised device.
If the Collection CMW is not protected from tampering by external security measures (such as object security primitives) or internal mechanisms (such as intra-item binding), an attacker could manipulate the collection's contents to deceive the Verifier into accepting bogus Evidence as genuine.</t>
        <t>Authenticity and integrity protection is expected to be provided by the underlying attestation technology.
For example, key material used to sign/bind an entire Collection CMW should be an attestation key, handled as described in <xref section="12.1" sectionFormat="of" target="RFC9334"/>.
The binding does not necessarily have to be a signature over the Collection CMW; it might also be achieved through identifiers, linking claims (e.g., nonces) across Collection CMW items, or signing or hashing between the members of the collection.
It is the responsibility of the Attester who creates the Collection CMW to ensure that the contents of the collection are integrity protected.</t>
      </section>
      <section anchor="integrating-cmw-into-protocols">
        <name>Integrating CMW into Protocols</name>
        <t>When CMW is integrated into some hosting protocol (for example, attested CSR <xref target="I-D.ietf-lamps-csr-attestation"/> or attested TLS <xref target="I-D.fossati-seat-early-attestation"/> <xref target="I-D.fossati-seat-expat"/>), it is up to that hosting protocol to describe how CMW is intended to be used and how it fits into the overall security model.</t>
        <t>Such an analysis should consider the types of conceptual messages allowed, including the permitted combinations, the protection requirements, the interface with the hosting protocol, and any other security-relevant aspect arising from the interaction between the CMW assembly and the hosting protocol.</t>
      </section>
    </section>
    <section anchor="iana-considerations">
      <name>IANA Considerations</name>
      <section anchor="iana-cwt">
        <name>CWT <tt>cmw</tt> Claim Registration</name>
        <t>IANA has added a new <tt>cmw</tt> claim to the "CBOR Web Token (CWT) Claims" registry <xref target="IANA.cwt"/> as follows:</t>
        <dl spacing="compact">
          <dt>Claim Name:</dt><dd>cmw</dd>
          <dt>Claim Description:</dt><dd>RATS Conceptual Message Wrapper</dd>
          <dt>JWT Claim Name:</dt><dd>cmw</dd>
          <dt>Claim Key:</dt><dd>299</dd>
          <dt>Claim Value Type:</dt><dd>CBOR map, CBOR array, or CBOR tag</dd>
          <dt>Change Controller:</dt><dd>IETF</dd>
          <dt>Reference:</dt><dd>Sections <xref target="type-n-val" format="counter"/>, <xref target="cbor-tag" format="counter"/>, and <xref target="cmw-coll" format="counter"/> of RFC 9999</dd>
        </dl>
      </section>
      <section anchor="iana-jwt">
        <name>JWT <tt>cmw</tt> Claim Registration</name>
        <t>IANA has added a new <tt>cmw</tt> claim to the "JSON Web Token Claims" registry within the "JSON Web Token (JWT)" registry group <xref target="IANA.jwt"/> as follows:</t>
        <dl spacing="compact">
          <dt>Claim Name:</dt><dd>cmw</dd>
          <dt>Claim Description:</dt><dd>RATS Conceptual Message Wrapper</dd>
          <dt>Change Controller:</dt><dd>IETF</dd>
          <dt>Reference:</dt><dd>Sections <xref target="type-n-val" format="counter"/> and <xref target="cmw-coll" format="counter"/> of RFC 9999</dd>
        </dl>
      </section>
      <section anchor="jws-structured-syntax-suffix">
        <name><tt>+jws</tt> Structured Syntax Suffix</name>
        <t>IANA has registered the <tt>+jws</tt> structured syntax suffix in the "Structured Syntax Suffixes" registry <xref target="IANA.structured-suffixes"/> in the manner described in <xref target="RFC6838"/>, which can be used to indicate that the media type is encoded as JWS <xref target="RFC7515"/>.</t>
        <section anchor="registry-contents">
          <name>Registry Entry</name>
          <dl>
            <dt>Name:</dt>
            <dd>
              <t>JSON Web Signature (JWS)</t>
            </dd>
            <dt>+suffix:</dt>
            <dd>
              <t>+jws</t>
            </dd>
            <dt>References:</dt>
            <dd>
              <t><xref target="RFC7515"/></t>
            </dd>
            <dt>Encoding Considerations:</dt>
            <dd>
              <t>binary. Values are represented as a JSON Object or as a series of base64url-encoded values, each separated from the next by a single period ('.') character.</t>
            </dd>
            <dt>Interoperability Considerations:</dt>
            <dd>
              <t>N/A</t>
            </dd>
            <dt>Fragment Identifier Considerations:</dt>
            <dd>
              <t>N/A</t>
            </dd>
            <dt>Security Considerations:</dt>
            <dd>
              <t>See <xref section="10" sectionFormat="of" target="RFC7515"/></t>
            </dd>
            <dt>Contact:</dt>
            <dd>
              <t>RATS WG mailing list (rats@ietf.org) or IETF Security Area (saag@ietf.org)</t>
            </dd>
            <dt>Author/Change Controller:</dt>
            <dd>
              <t>Remote ATtestation procedureS (RATS) Working Group.
The IETF has change control over this registration.</t>
            </dd>
          </dl>
        </section>
      </section>
      <section anchor="iana-ind-ext">
        <name>RATS Conceptual Message Wrapper (CMW) Indicators Registry</name>
        <t>IANA has created a new "RATS Conceptual Message Wrapper (CMW) Indicators" registry within the "Remote Attestation Procedures (RATS)" registry group <xref target="IANA.rats"/>. The registration procedure for the new registry is IETF Review (<xref section="4.8" sectionFormat="of" target="RFC8126"/>).</t>
        <t>The objective is to register CMW Indicator values for all RATS conceptual messages (see <xref section="8" sectionFormat="of" target="RFC9334"/>).</t>

        <t>Indicator values should be added in ascending order, with no gaps between them.</t>

	<t>Acceptable values correspond to the RATS conceptual messages defined by the RATS architecture <xref target="RFC9334"/> and any updates to it.</t>
        <section anchor="structure-of-entries">
          <name>Structure of Entries</name>
          <t>Each entry in the "RATS Conceptual Message Wrapper (CMW) Indicators" registry must include the following:</t>
          <dl newline="false">
            <dt>Indicator Value:</dt>
            <dd>
              <t>A number corresponding to the bit position in the <tt>ind</tt> bitmap (<xref target="type-n-val"/>).</t>
            </dd>
            <dt>Conceptual Message Name:</dt>
            <dd>
              <t>A text string describing the RATS conceptual message this indicator corresponds to.</t>
            </dd>
            <dt>Reference:</dt>
            <dd>
              <t>A reference to the document that defines the entry.</t>
            </dd>
          </dl>
          <t>The initial contents of the registry are shown in <xref target="tab-ind-regs"/>.</t>
          <table anchor="tab-ind-regs" align="left">
            <name>Initial Contents of the RATS CMW Indicators Registry</name>
            <thead>
              <tr>
                <th align="left">Indicator Value</th>
                <th align="left">Conceptual Message Name</th>
                <th align="left">Reference</th>
              </tr>
            </thead>
            <tbody>
              <tr>
                <td align="left">0</td>
                <td align="left">Reference Values</td>
                <td align="left">
                  <xref target="cm-type"/> of RFC 9999</td>
              </tr>
              <tr>
                <td align="left">1</td>
                <td align="left">Endorsements</td>
                <td align="left">
                  <xref target="cm-type"/> of RFC 9999</td>
              </tr>
              <tr>
                <td align="left">2</td>
                <td align="left">Evidence</td>
                <td align="left">
                  <xref target="cm-type"/> of RFC 9999</td>
              </tr>
              <tr>
                <td align="left">3</td>
                <td align="left">Attestation Results</td>
                <td align="left">
                  <xref target="cm-type"/> of RFC 9999</td>
              </tr>
              <tr>
                <td align="left">4</td>
                <td align="left">Appraisal Policy</td>
                <td align="left">
                  <xref target="cm-type"/> of RFC 9999</td>
              </tr>
              <tr>
                <td align="left">5-31</td>
                <td align="left">Unassigned</td>
                <td align="left"> </td>
              </tr>
            </tbody>
          </table>
        </section>
      </section>
      <section anchor="iana-mt">
        <name>Media Types</name>
        <t>IANA has added the following media types to the "Media Types" registry <xref target="IANA.media-types"/>:</t>
        <table anchor="tab-mt-regs" align="left">
          <name>CMW Media Types</name>
          <thead>
            <tr>
              <th align="left">Name</th>
              <th align="left">Template</th>
              <th align="left">Reference</th>
            </tr>
          </thead>
          <tbody>
            <tr>
              <td align="left">
               cmw+cbor</td>
              <td align="left">
               application/cmw+cbor</td>
              <td align="left">
                Sections <xref target="type-n-val" format="counter"/>, <xref target="cbor-tag" format="counter"/>, and <xref target="cmw-coll" format="counter"/> of RFC 9999</td>
            </tr>
            <tr>
              <td align="left">
               cmw+json</td>
              <td align="left">
                application/cmw+json</td>
              <td align="left">
                Sections <xref target="type-n-val" format="counter"/> and <xref target="cmw-coll" format="counter"/> of RFC 9999</td>
            </tr>
            <tr>
              <td align="left">
                cmw+cose</td>
              <td align="left">
                application/cmw+cose</td>
              <td align="left">
                <xref target="signed-cbor-cmw"/> of RFC 9999</td>
            </tr>
            <tr>
              <td align="left">
                cmw+jws</td>
              <td align="left">
                application/cmw+jws</td>
              <td align="left">
                <xref target="signed-json-cmw"/> of RFC 9999</td>
            </tr>
          </tbody>
        </table>
        <section anchor="applicationcmwcbor">
          <name><tt>application/cmw+cbor</tt></name>
          <dl>
            <dt>Type name:</dt>
            <dd>
              <t>application</t>
            </dd>
            <dt>Subtype name:</dt>
            <dd>
              <t>cmw+cbor</t>
            </dd>
            <dt>Required parameters:</dt>
            <dd>
              <t>N/A</t>
            </dd>
            <dt>Optional parameters:</dt>
            <dd>
              <t><tt>cmwc_t</tt> (Collection CMW type in string format.  OIDs must use the
dotted-decimal notation.  The parameter value is case-insensitive.  It must not be used for CMWs that are not collections.)</t>
            </dd>
            <dt>Encoding considerations:</dt>
            <dd>
              <t>binary (CBOR)</t>
            </dd>
            <dt>Security considerations:</dt>
            <dd>
              <t><xref target="seccons"/> of RFC 9999</t>
            </dd>
            <dt>Interoperability considerations:</dt>
            <dd>
              <t>N/A</t>
            </dd>
            <dt>Published specification:</dt>
            <dd>
              <t>RFC 9999</t>
            </dd>
            <dt>Applications that use this media type:</dt>
            <dd>
              <t>Attesters, Verifiers, Endorsers and Reference-Value providers, and Relying Parties that need to transfer CMW payloads over HTTP(S), CoAP(S), and other transports.</t>
            </dd>
            <dt>Fragment identifier considerations:</dt>
            <dd>
              <t>The syntax and semantics of fragment identifiers are as specified for "application/cbor". (No fragment identification syntax is currently defined for "application/cbor".)</t>
            </dd>
            <dt>Person &amp; email address to contact for further information:</dt>
            <dd>
              <t>RATS WG mailing list (rats@ietf.org)</t>
            </dd>
            <dt>Intended usage:</dt>
            <dd>
              <t>COMMON</t>
            </dd>
            <dt>Restrictions on usage:</dt>
            <dd>
              <t>none</t>
            </dd>
            <dt>Author/Change controller:</dt>
            <dd>
              <t>IETF</t>
            </dd>
          </dl>
        </section>
        <section anchor="applicationcmwjson">
          <name><tt>application/cmw+json</tt></name>
          <dl>
            <dt>Type name:</dt>
            <dd>
              <t>application</t>
            </dd>
            <dt>Subtype name:</dt>
            <dd>
              <t>cmw+json</t>
            </dd>
            <dt>Required parameters:</dt>
            <dd>
              <t>N/A</t>
            </dd>
            <dt>Optional parameters:</dt>
            <dd>
              <t><tt>cmwc_t</tt> (Collection CMW type in string format.  OIDs must use the
dotted-decimal notation.  The parameter value is case-insensitive.  It must not be used for CMWs that are not collections.)</t>
            </dd>
            <dt>Encoding considerations:</dt>
            <dd>
              <t>binary (JSON is UTF-8-encoded text)</t>
            </dd>
            <dt>Security considerations:</dt>
            <dd>
              <t><xref target="seccons"/> of RFC 9999</t>
            </dd>
            <dt>Interoperability considerations:</dt>
            <dd>
              <t>N/A</t>
            </dd>
            <dt>Published specification:</dt>
            <dd>
              <t>RFC 9999</t>
            </dd>
            <dt>Applications that use this media type:</dt>
            <dd>
              <t>Attesters, Verifiers, Endorsers and Reference-Value providers, and Relying Parties that need to transfer CMW payloads over HTTP(S), CoAP(S), and other transports.</t>
            </dd>
            <dt>Fragment identifier considerations:</dt>
            <dd>
              <t>The syntax and semantics of fragment identifiers are as specified for "application/json". (No fragment identification syntax is currently defined for "application/json".)</t>
            </dd>
            <dt>Person &amp; email address to contact for further information:</dt>
            <dd>
              <t>RATS WG mailing list (rats@ietf.org)</t>
            </dd>
            <dt>Intended usage:</dt>
            <dd>
              <t>COMMON</t>
            </dd>
            <dt>Restrictions on usage:</dt>
            <dd>
              <t>none</t>
            </dd>
            <dt>Author/Change controller:</dt>
            <dd>
              <t>IETF</t>
            </dd>
          </dl>
        </section>
        <section anchor="applicationcmwcose">
          <name><tt>application/cmw+cose</tt></name>
          <dl>
            <dt>Type name:</dt>
            <dd>
              <t>application</t>
            </dd>
            <dt>Subtype name:</dt>
            <dd>
              <t>cmw+cose</t>
            </dd>
            <dt>Required parameters:</dt>
            <dd>
              <t>N/A</t>
            </dd>
            <dt>Optional parameters:</dt>
            <dd>
              <t><tt>cmwc_t</tt> (Collection CMW type in string format.  OIDs must use the
dotted-decimal notation.  The parameter value is case-insensitive.  It must not be used for CMWs that are not collections.)  Note that the <tt>cose-type</tt> parameter is explicitly not supported, as it is understood to be <tt>"cose-sign1"</tt>.</t>
            </dd>
            <dt>Encoding considerations:</dt>
            <dd>
              <t>binary (CBOR)</t>
            </dd>
            <dt>Security considerations:</dt>
            <dd>
              <t><xref target="seccons"/> of RFC 9999</t>
            </dd>
            <dt>Interoperability considerations:</dt>
            <dd>
              <t>N/A</t>
            </dd>
            <dt>Published specification:</dt>
            <dd>
              <t>RFC 9999</t>
            </dd>
            <dt>Applications that use this media type:</dt>
            <dd>
              <t>Attesters, Verifiers, Endorsers and Reference-Value providers, and Relying Parties that need to transfer CMW payloads over HTTP(S), CoAP(S), and other transports.</t>
            </dd>
            <dt>Fragment identifier considerations:</dt>
            <dd>
              <t>N/A</t>
            </dd>
            <dt>Person &amp; email address to contact for further information:</dt>
            <dd>
              <t>RATS WG mailing list (rats@ietf.org)</t>
            </dd>
            <dt>Intended usage:</dt>
            <dd>
              <t>COMMON</t>
            </dd>
            <dt>Restrictions on usage:</dt>
            <dd>
              <t>none</t>
            </dd>
            <dt>Author/Change controller:</dt>
            <dd>
              <t>IETF</t>
            </dd>
          </dl>
        </section>
        <section anchor="applicationcmwjws">
          <name><tt>application/cmw+jws</tt></name>
          <dl>
            <dt>Type name:</dt>
            <dd>
              <t>application</t>
            </dd>
            <dt>Subtype name:</dt>
            <dd>
              <t>cmw+jws</t>
            </dd>
            <dt>Required parameters:</dt>
            <dd>
              <t>N/A</t>
            </dd>
            <dt>Optional parameters:</dt>
            <dd>
              <t><tt>cmwc_t</tt> (Collection CMW type in string format.  OIDs must use the
dotted-decimal notation.  The parameter value is case-insensitive.  It must not be used for CMWs that are not collections.)</t>
            </dd>
            <dt>Encoding considerations:</dt>
            <dd>
              <t>8bit. Values are represented as a JSON Object or as a series of base64url-encoded values, each separated from the next by a single period ('.') character.</t>
            </dd>
            <dt>Security considerations:</dt>
            <dd>
              <t><xref target="seccons"/> of RFC 9999</t>
            </dd>
            <dt>Interoperability considerations:</dt>
            <dd>
              <t>N/A</t>
            </dd>
            <dt>Published specification:</dt>
            <dd>
              <t>RFC 9999</t>
            </dd>
            <dt>Applications that use this media type:</dt>
            <dd>
              <t>Attesters, Verifiers, Endorsers and Reference-Value providers, and Relying Parties that need to transfer CMW payloads over HTTP(S), CoAP(S), and other transports.</t>
            </dd>
            <dt>Fragment identifier considerations:</dt>
            <dd>
              <t>N/A</t>
            </dd>
            <dt>Person &amp; email address to contact for further information:</dt>
            <dd>
              <t>RATS WG mailing list (rats@ietf.org)</t>
            </dd>
            <dt>Intended usage:</dt>
            <dd>
              <t>COMMON</t>
            </dd>
            <dt>Restrictions on usage:</dt>
            <dd>
              <t>none</t>
            </dd>
            <dt>Author/Change controller:</dt>
            <dd>
              <t>IETF</t>
            </dd>
          </dl>
        </section>
      </section>
      <section anchor="iana-cf">
        <name>CoAP Content-Formats</name>
        <t>IANA has registered the following Content-Format IDs in the "CoAP Content-Formats" registry within the "Constrained RESTful Environments (CoRE) Parameters" registry group <xref target="IANA.core-parameters"/>:</t>
        <table align="left" anchor="tab-cf-regs">
          <name>CoAP Content-Formats</name>
          <thead>
            <tr>
              <th align="left">Content-Type</th>
              <th align="left">Content Coding</th>
              <th align="left">ID</th>
              <th align="left">Reference</th>
            </tr>
          </thead>
          <tbody>
            <tr>
              <td align="left">application/cmw+cbor</td>
              <td align="center">-</td>
              <td align="left">273</td>
              <td align="left">
                Sections <xref target="type-n-val" format="counter"/>, <xref target="cbor-tag" format="counter"/>, and <xref target="cmw-coll" format="counter"/> of RFC 9999</td>
            </tr>
            <tr>
              <td align="left">application/cmw+json</td>
              <td align="center">-</td>
              <td align="left">274</td>
              <td align="left">
                Sections <xref target="type-n-val" format="counter"/> and <xref target="cmw-coll" format="counter"/> of RFC 9999</td>
            </tr>
            <tr>
              <td align="left">application/cmw+cose</td>
              <td align="center">-</td>
              <td align="left">275</td>
              <td align="left">
                <xref target="signed-cbor-cmw"/> of RFC 9999</td>
            </tr>
            <tr>
              <td align="left">application/cmw+jws</td>
              <td align="center">-</td>
              <td align="left">276</td>
              <td align="left">
                <xref target="signed-json-cmw"/> of RFC 9999</td>
            </tr>
          </tbody>
        </table>
       
        <section anchor="registering-new-coap-content-formats-for-parameterized-cmw-media-types">
          <name>Registering New CoAP Content-Formats for Parameterized CMW Media Types</name>
          <t>New CoAP Content-Formats can be created based on parameterized instances of the <tt>application/cmw+json</tt>, <tt>application/cmw+cbor</tt>, <tt>application/cmw+cose</tt>, and <tt>application/cmw+jws</tt> media types.</t>
          <t>When assigning a new CoAP Content-Format ID for a CMW media type that utilizes the <tt>cmwc_t</tt> parameter, the registrar must check (directly or through the designated expert) the following:</t>
          <ul spacing="normal">
            <li>
              <t>The corresponding CMW is a collection (<xref target="cmw-coll"/>).</t>
            </li>
            <li>
              <t>The <tt>cmwc_t</tt> value is either an (non-relative) OID or an absolute URI.</t>
            </li>
          </ul>
        </section>
        <section anchor="rfc9277-cbor-tags">
          <name>CBOR Tags per RFC 9277</name>
          <t>Registering the CoAP Content-Formats listed in <xref target="tab-cf-regs"/> automatically allocates CBOR tags in the range [1668546817, 1668612095] using the <tt>TN()</tt> transform defined in <xref section="B" sectionFormat="of" target="RFC9277"/>.
	  The allocated CBOR tag numbers and the corresponding data items are shown in <xref target="tab-9277-tags"/>.</t>
	  <t>Note that CMWs in Tag and Record form are excluded.  This is because
  they can already be represented as a CMW, so the extra wrapping would
  be redundant.
	  </t>
          <table align="left" anchor="tab-9277-tags">
            <name>TN-Derived CBOR Tags</name>
            <thead>
              <tr>
                <th align="left">Tag Number</th>
                <th align="left">Tag Content</th>
              </tr>
            </thead>
            <tbody>
              <tr>
                <td align="left">1668547091</td>
                <td align="left">bytes .cbor cbor-collection</td>
              </tr>
              <tr>
                <td align="left">1668547092</td>
                <td align="left">bytes .cbor signed-cbor-cmw</td>
              </tr>
              <tr>
                <td align="left">1668547093</td>
                <td align="left">bytes-wrapped json-collection</td>
              </tr>
              <tr>
                <td align="left">1668547094</td>
                <td align="left">bytes-wrapped signed-json-cmw</td>
              </tr>
            </tbody>
          </table>
          <t><xref target="fig-9277-tags"/> extends the <tt>$cbor-tag</tt> socket defined in <xref target="cbor-tag"/> to add the definitions of the associated Tag CMWs.</t>
          <figure anchor="fig-9277-tags">
            <name>Tag CMW Definitions</name>
            <sourcecode type="cddl"><![CDATA[
$cbor-tag /= tag-cm-cbor<1668547091, cbor-collection>
$cbor-tag /= tag-cm-cbor<1668547092, signed-cbor-cmw>
$cbor-tag /= tag-cm-data<1668547093> ; bytes(cmw+json collection)
$cbor-tag /= tag-cm-data<1668547094> ; bytes(cmw+jws)]]></sourcecode>

          </figure>
        </section>
      </section>
      <section anchor="iana-smi">
        <name>SMI Number Registration</name>
        <t>IANA has assigned an OID for the CMW extension defined in <xref target="x509"/> in the "SMI Security for PKIX Certificate Extension" registry within the "Structure of Management Information (SMI) Numbers (MIB Module Registrations)" registry group <xref target="IANA.smi-numbers"/> as follows:</t>
        <table align="left">
          <name>CMW Extension OID</name>
          <thead>
            <tr>
              <th align="left">Decimal</th>
              <th align="left">Description</th>
              <th align="left">Reference</th>
            </tr>
          </thead>
          <tbody>
            <tr>
              <td align="left">35</td>
              <td align="left">id-pe-cmw</td>
              <td align="left">
                <xref target="x509"/> of RFC 9999</td>
            </tr>
          </tbody>
        </table>
        <t>IANA has assigned an OID for the ASN.1 module defined in <xref target="asn1-x509"/> in the "SMI Security for PKIX Module Identifier" registry within the "Structure of Management Information (SMI) Numbers (MIB Module Registrations)" registry group <xref target="IANA.smi-numbers"/>:</t>
        <table align="left">
          <name>ASN.1 Module OID</name>
          <thead>
            <tr>
              <th align="left">Decimal</th>
              <th align="left">Description</th>
              <th align="left">Reference</th>
            </tr>
          </thead>
          <tbody>
            <tr>
              <td align="left">123</td>
              <td align="left">id-mod-cmw-extn</td>
              <td align="left">
                <xref target="asn1-x509"/> of RFC 9999</td>
            </tr>
          </tbody>
        </table>
      </section>
    </section>
  </middle>
  <back>
    
    <displayreference target="I-D.fossati-seat-early-attestation" to="RA-TLS-DTLS"/>
    <displayreference target="I-D.ietf-rats-ear" to="EAR"/>
    <displayreference target="I-D.ietf-lamps-csr-attestation" to="RA-CERT-SIGN"/>
    <displayreference target="I-D.ietf-rats-corim" to="CoRIM"/>
    <displayreference target="I-D.fossati-seat-expat" to="RA-EXP-AUTH"/>

    <references anchor="sec-combined-references">
      <name>References</name>
      <references anchor="sec-normative-references">
        <name>Normative References</name>
        <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.3986.xml" />
        <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.4648.xml"/>
        <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.5280.xml"/>
        <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.5912.xml"/>
        <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.6268.xml"/>
        <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.6838.xml"/>
        <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.7252.xml"/>
        <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.7515.xml"/>
        <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.7519.xml"/>
        <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.8610.xml"/>
        <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.9165.xml"/>
        <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.9741.xml"/>
        <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.9277.xml"/>
        <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.9334.xml"/>
       
	<xi:include href="https://bib.ietf.org/public/rfc/bibxml9/reference.STD.90.xml"/>
	<xi:include href="https://bib.ietf.org/public/rfc/bibxml9/reference.STD.94.xml"/>
        <reference anchor="IANA.cwt" target="https://www.iana.org/assignments/cwt">
          <front>
            <title>CBOR Web Token (CWT)</title>
            <author>
              <organization>IANA</organization>
            </author>
          </front>
        </reference>
        <reference anchor="IANA.jwt" target="https://www.iana.org/assignments/jwt">
          <front>
            <title>JSON Web Token (JWT)</title>
            <author>
              <organization>IANA</organization>
            </author>
          </front>
        </reference>
        <reference anchor="X.680" target="https://www.itu.int/rec/T-REC-X.680">
          <front>
            <title>Information technology - Abstract Syntax Notation One (ASN.1): Specification of basic notation</title>
            <author>
              <organization>ITU-T</organization>
            </author>
            <date year="2021" month="February"/>
          </front>
          <seriesInfo name="ITU-T Recommendation" value="X.680"/>
          <seriesInfo name="ISO/IEC" value="8824-1:2021"/>
        </reference>

        <reference anchor="X.690" target="https://www.itu.int/rec/T-REC-X.690">
          <front>
            <title>Information technology - ASN.1 encoding rules: Specification of Basic Encoding Rules (BER), Canonical Encoding Rules (CER) and Distinguished Encoding Rules (DER)</title>
            <author>
              <organization>ITU-T</organization>
            </author>
            <date year="2021" month="February"/>
          </front>
          <seriesInfo name="ITU-T Recommendation" value="X.690"/>
          <seriesInfo name="ISO/IEC" value="8825-1:2021"/>
        </reference>

        <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.2119.xml"/>
        <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.8174.xml"/>
        <reference anchor="IANA.structured-suffixes" target="https://www.iana.org/assignments/media-type-structured-suffix">
          <front>
            <title>Structured Syntax Suffixes</title>
            <author>
              <organization>IANA</organization>
            </author>
          </front>
        </reference>
        <reference anchor="IANA.rats" target="https://www.iana.org/assignments/rats">
          <front>
            <title>Remote Attestation Procedures (RATS)</title>
            <author>
              <organization>IANA</organization>
            </author>
          </front>
        </reference>
        <reference anchor="IANA.media-types" target="https://www.iana.org/assignments/media-types">
          <front>
            <title>Media Types</title>
            <author>
              <organization>IANA</organization>
            </author>
          </front>
        </reference>
        <reference anchor="IANA.core-parameters" target="https://www.iana.org/assignments/core-parameters">
          <front>
            <title>Constrained RESTful Environments (CoRE) Parameters</title>
            <author>
              <organization>IANA</organization>
            </author>
          </front>
        </reference>
        <reference anchor="IANA.smi-numbers" target="https://www.iana.org/assignments/smi-numbers">
          <front>
            <title>Structure of Management Information (SMI) Numbers (MIB Module Registrations)</title>
            <author>
              <organization>IANA</organization>
            </author>
          </front>
        </reference>
      </references>
      <references anchor="sec-informative-references">
        <name>Informative References</name>
        <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.3647.xml"/>
	<xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.8126.xml"/>
        <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.9193.xml"/>
        <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.9052.xml"/>
        <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.9711.xml"/>
        <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.9782.xml"/>
<!-- [I-D.ietf-rats-ear]
draft-ietf-rats-ear-01
IESG State: I-D Exists as of 06/30/26
-->
        <reference anchor="I-D.ietf-rats-ear" target="https://datatracker.ietf.org/doc/html/draft-ietf-rats-ear-04">
          <front>
            <title>EAT Attestation Results</title>
            <author fullname="Thomas Fossati" initials="T." surname="Fossati">
              <organization>Linaro</organization>
            </author>
            <author fullname="Eric Voit" initials="E." surname="Voit">
              <organization>Cisco</organization>
            </author>
            <author fullname="Sergei Trofimov" initials="S." surname="Trofimov">
              <organization>Arm Limited</organization>
            </author>
            <author fullname="Henk Birkholz" initials="H." surname="Birkholz">
              <organization>Fraunhofer SIT</organization>
            </author>
            <date day="26" month="May" year="2026"/>
          </front>
          <seriesInfo name="Internet-Draft" value="draft-ietf-rats-ear-04"/>
        </reference>
        <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.9781.xml"/>
<!-- The author wants to replace I-D.fossati-tls-attestation-09 (expired) with 
I-D.fossati-seat-early-attestation (I-D exists as of 06/30/26)
-->
       <reference anchor="I-D.fossati-seat-early-attestation" target="https://datatracker.ietf.org/doc/html/draft-fossati-seat-early-attestation-04">
  <front>
    <title>Using Attestation in Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS)</title>
    <author fullname="Yaron Sheffer" initials="Y." surname="Sheffer">
      <organization>Intuit</organization>
    </author>
    <author fullname="Ionuț Mihalcea" initials="I." surname="Mihalcea">
      <organization>Arm Limited</organization>
    </author>
    <author fullname="Yogesh Deshpande" initials="Y." surname="Deshpande">
      <organization>Arm Limited</organization>
    </author>
    <author fullname="Thomas Fossati" initials="T." surname="Fossati">
      <organization>Linaro</organization>
    </author>
    <author fullname="Tirumaleswar Reddy.K" initials="T." surname="Reddy.K">
      <organization>Nokia</organization>
    </author>
    <date day="27" month="May" year="2026"/>
  </front>
  <seriesInfo name="Internet-Draft" value="draft-fossati-seat-early-attestation-04"/>
</reference>
<!-- [I-D.fossati-seat-expat]
draft-fossati-seat-expat-00
IESG State: I-D Exists as of 06/30/26
-->
        <reference anchor="I-D.fossati-seat-expat" target="https://datatracker.ietf.org/doc/html/draft-fossati-seat-expat-02">
          <front>
            <title>Remote Attestation with Exported Authenticators</title>
            <author fullname="Muhammad Usama Sardar" initials="M. U." surname="Sardar">
              <organization>TU Dresden</organization>
            </author>
            <author fullname="Thomas Fossati" initials="T." surname="Fossati">
              <organization>Linaro</organization>
            </author>
            <author fullname="Tirumaleswar Reddy.K" initials="T." surname="Reddy.K">
              <organization>Nokia</organization>
            </author>
            <author fullname="Yaron Sheffer" initials="Y." surname="Sheffer">
              <organization>Intuit</organization>
            </author>
            <author fullname="Hannes Tschofenig" initials="H." surname="Tschofenig">
              <organization>University of Applied Sciences Bonn-Rhein-Sieg</organization>
            </author>
            <author fullname="Ionuț Mihalcea" initials="I." surname="Mihalcea">
              <organization>Arm Limited</organization>
            </author>
            <date day="27" month="February" year="2026"/>
          </front>
          <seriesInfo name="Internet-Draft" value="draft-fossati-seat-expat-02"/>
        </reference>
<!-- [I-D.ietf-lamps-csr-attestation]
draft-ietf-lamps-csr-attestation-28
IESG State: Publication Requested as of 06/30/26
-->
        <reference anchor="I-D.ietf-lamps-csr-attestation" target="https://datatracker.ietf.org/doc/html/draft-ietf-lamps-csr-attestation-27">
          <front>
            <title>Use of Remote Attestation with Certification Signing Requests</title>
            <author fullname="Mike Ounsworth" initials="M." surname="Ounsworth">
              <organization>Cryptic Forest Software</organization>
            </author>
            <author fullname="Hannes Tschofenig" initials="H." surname="Tschofenig">
              <organization>Siemens</organization>
            </author>
            <author fullname="Henk Birkholz" initials="H." surname="Birkholz">
              <organization>Fraunhofer SIT</organization>
            </author>
            <author fullname="Monty Wiseman" initials="M." surname="Wiseman"/>
            <author fullname="Ned Smith" initials="N." surname="Smith"/>
            <date day="16" month="June" year="2026"/>
          </front>
          <seriesInfo name="Internet-Draft" value="draft-ietf-lamps-csr-attestation-28"/>
        </reference>
<!-- [I-D.ietf-rats-corim]
draft-ietf-rats-corim-10
IESG State: I-D Exists as of 06/30/26
-->
        <reference anchor="I-D.ietf-rats-corim" target="https://datatracker.ietf.org/doc/html/draft-ietf-rats-corim-10">
          <front>
            <title>Concise Reference Integrity Manifest</title>
            <author fullname="Henk Birkholz" initials="H." surname="Birkholz">
              <organization>Fraunhofer SIT</organization>
            </author>
            <author fullname="Thomas Fossati" initials="T." surname="Fossati">
              <organization>Linaro</organization>
            </author>
            <author fullname="Yogesh Deshpande" initials="Y." surname="Deshpande">
              <organization>arm</organization>
            </author>
            <author fullname="Ned Smith" initials="N." surname="Smith">
              <organization>Independent</organization>
            </author>
            <author fullname="Wei Pan" initials="W." surname="Pan">
              <organization>Huawei Technologies</organization>
            </author>
            <date day="2" month="March" year="2026"/>
          </front>
          <seriesInfo name="Internet-Draft" value="draft-ietf-rats-corim-10"/>
        </reference>
        <reference anchor="DICE-ARCH" target="https://trustedcomputinggroup.org/wp-content/uploads/DICE-Attestation-Architecture-Version-1.1-Revision-18_pub.pdf">
          <front>
            <title>DICE Attestation Architecture</title>
            <author>
              <organization>Trusted Computing Group</organization>
            </author>
            <date year="2024" month="January"/>
          </front>
          <refcontent>Version 1.1, Revision 0.18</refcontent>
        </reference>
        <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.8792.xml"/>
        <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.9876.xml"/>
      </references>
    </references>
    <?line 1389?>

<section anchor="registering-and-using-cmws">
      <name>Registering and Using CMWs</name>
      <t><xref target="fig-howto-cmw"/> describes the registration preconditions for using
CMWs in either Record CMW or Tag CMW forms.
When using a Collection CMW, the preconditions apply for each entry in the collection.</t>
      <figure anchor="fig-howto-cmw">
        <name>How to Create a CMW</name>
        <artset>
          <artwork type="svg" align="left"><svg xmlns="http://www.w3.org/2000/svg" version="1.1" height="480" width="344" viewBox="0 0 344 480" class="diagram" text-anchor="middle" font-family="monospace" font-size="13px" stroke-linecap="round">
              <path d="M 40,48 L 40,80" fill="none" stroke="black"/>
              <path d="M 56,176 L 56,424" fill="none" stroke="black"/>
              <path d="M 80,96 L 80,152" fill="none" stroke="black"/>
              <path d="M 80,168 L 80,424" fill="none" stroke="black"/>
              <path d="M 96,144 L 96,176" fill="none" stroke="black"/>
              <path d="M 104,256 L 104,288" fill="none" stroke="black"/>
              <path d="M 120,96 L 120,144" fill="none" stroke="black"/>
              <path d="M 168,192 L 168,232" fill="none" stroke="black"/>
              <path d="M 168,304 L 168,376" fill="none" stroke="black"/>
              <path d="M 184,48 L 184,80" fill="none" stroke="black"/>
              <path d="M 200,48 L 200,80" fill="none" stroke="black"/>
              <path d="M 224,96 L 224,144" fill="none" stroke="black"/>
              <path d="M 240,256 L 240,288" fill="none" stroke="black"/>
              <path d="M 248,144 L 248,176" fill="none" stroke="black"/>
              <path d="M 264,96 L 264,152" fill="none" stroke="black"/>
              <path d="M 264,168 L 264,424" fill="none" stroke="black"/>
              <path d="M 288,176 L 288,424" fill="none" stroke="black"/>
              <path d="M 296,48 L 296,80" fill="none" stroke="black"/>
              <path d="M 56,32 L 168,32" fill="none" stroke="black"/>
              <path d="M 216,32 L 280,32" fill="none" stroke="black"/>
              <path d="M 56,96 L 168,96" fill="none" stroke="black"/>
              <path d="M 216,96 L 280,96" fill="none" stroke="black"/>
              <path d="M 112,128 L 232,128" fill="none" stroke="black"/>
              <path d="M 72,160 L 104,160" fill="none" stroke="black"/>
              <path d="M 240,160 L 272,160" fill="none" stroke="black"/>
              <path d="M 112,192 L 232,192" fill="none" stroke="black"/>
              <path d="M 120,240 L 224,240" fill="none" stroke="black"/>
              <path d="M 120,304 L 224,304" fill="none" stroke="black"/>
              <path d="M 112,384 L 248,384" fill="none" stroke="black"/>
              <path d="M 96,416 L 232,416" fill="none" stroke="black"/>
              <path d="M 24,432 L 336,432" fill="none" stroke="black"/>
              <path d="M 8,464 L 320,464" fill="none" stroke="black"/>
              <path d="M 8,464 L 24,432" fill="none" stroke="black"/>
              <path d="M 96,416 L 112,384" fill="none" stroke="black"/>
              <path d="M 232,416 L 248,384" fill="none" stroke="black"/>
              <path d="M 320,464 L 336,432" fill="none" stroke="black"/>
              <path d="M 56,32 C 47.16936,32 40,39.16936 40,48" fill="none" stroke="black"/>
              <path d="M 168,32 C 176.83064,32 184,39.16936 184,48" fill="none" stroke="black"/>
              <path d="M 216,32 C 207.16936,32 200,39.16936 200,48" fill="none" stroke="black"/>
              <path d="M 280,32 C 288.83064,32 296,39.16936 296,48" fill="none" stroke="black"/>
              <path d="M 56,96 C 47.16936,96 40,88.83064 40,80" fill="none" stroke="black"/>
              <path d="M 168,96 C 176.83064,96 184,88.83064 184,80" fill="none" stroke="black"/>
              <path d="M 216,96 C 207.16936,96 200,88.83064 200,80" fill="none" stroke="black"/>
              <path d="M 280,96 C 288.83064,96 296,88.83064 296,80" fill="none" stroke="black"/>
              <path d="M 112,128 C 103.16936,128 96,135.16936 96,144" fill="none" stroke="black"/>
              <path d="M 232,128 C 240.83064,128 248,135.16936 248,144" fill="none" stroke="black"/>
              <path d="M 72,160 C 63.16936,160 56,167.16936 56,176" fill="none" stroke="black"/>
              <path d="M 104,160 C 112.83064,160 120,152.83064 120,144" fill="none" stroke="black"/>
              <path d="M 240,160 C 231.16936,160 224,152.83064 224,144" fill="none" stroke="black"/>
              <path d="M 272,160 C 280.83064,160 288,167.16936 288,176" fill="none" stroke="black"/>
              <path d="M 112,192 C 103.16936,192 96,184.83064 96,176" fill="none" stroke="black"/>
              <path d="M 232,192 C 240.83064,192 248,184.83064 248,176" fill="none" stroke="black"/>
              <path d="M 120,240 C 111.16936,240 104,247.16936 104,256" fill="none" stroke="black"/>
              <path d="M 224,240 C 232.83064,240 240,247.16936 240,256" fill="none" stroke="black"/>
              <path d="M 120,304 C 111.16936,304 104,296.83064 104,288" fill="none" stroke="black"/>
              <path d="M 224,304 C 232.83064,304 240,296.83064 240,288" fill="none" stroke="black"/>
              <polygon class="arrowhead" points="296,424 284,418.4 284,429.6" fill="black" transform="rotate(90,288,424)"/>
              <polygon class="arrowhead" points="272,424 260,418.4 260,429.6" fill="black" transform="rotate(90,264,424)"/>
              <path class="jump" d="M 264,168 C 258,168 258,152 264,152" fill="none" stroke="black"/>
              <polygon class="arrowhead" points="176,376 164,370.4 164,381.6" fill="black" transform="rotate(90,168,376)"/>
              <polygon class="arrowhead" points="176,232 164,226.4 164,237.6" fill="black" transform="rotate(90,168,232)"/>
              <polygon class="arrowhead" points="88,424 76,418.4 76,429.6" fill="black" transform="rotate(90,80,424)"/>
              <path class="jump" d="M 80,168 C 74,168 74,152 80,152" fill="none" stroke="black"/>
              <polygon class="arrowhead" points="64,424 52,418.4 52,429.6" fill="black" transform="rotate(90,56,424)"/>
              <g class="text">
                <text x="72" y="52">Reuse</text>
                <text x="136" y="52">EAT/CoRIM</text>
                <text x="244" y="52">Register</text>
                <text x="72" y="68">media</text>
                <text x="128" y="68">type(s)</text>
                <text x="224" y="68">new</text>
                <text x="264" y="68">media</text>
                <text x="56" y="84">+</text>
                <text x="96" y="84">profile</text>
                <text x="228" y="84">type</text>
                <text x="172" y="148">Register</text>
                <text x="152" y="164">new</text>
                <text x="188" y="164">CoAP</text>
                <text x="172" y="180">Content-Format</text>
                <text x="168" y="260">Automatically</text>
                <text x="140" y="276">derive</text>
                <text x="188" y="276">CBOR</text>
                <text x="128" y="292">tag</text>
                <text x="184" y="292">(RFC 9277)</text>
                <text x="152" y="404">Tag</text>
                <text x="184" y="404">CMW</text>
                <text x="148" y="452">Record</text>
                <text x="192" y="452">CMW</text>
              </g>
            </svg>
          </artwork>
          <artwork type="ascii-art" align="left"><![CDATA[
     .---------------.   .---------.
    | Reuse EAT/CoRIM | | Register  |
    | media type(s)   | | new media |
    | + profile       | | type      |
     `---+----+------'   `-+----+--'
         |    |            |    |
         |  .-+------------+-.  |
         | |  |  Register  |  | |
       .-(-+-'   new CoAP   `-+-(-.
      |  | |  Content-Format  | |  |
      |  |  `-------+--------'  |  |
      |  |          |           |  |
      |  |          v           |  |
      |  |   .--------------.   |  |
      |  |  | Automatically  |  |  |
      |  |  | derive CBOR    |  |  |
      |  |  | tag (RFC 9277) |  |  |
      |  |   `------+-------'   |  |
      |  |          |           |  |
      |  |          |           |  |
      |  |          |           |  |
      |  |          v           |  |
      |  |   .----------------. |  |
      |  |  /    Tag CMW     /  |  |
      v  v `----------------'   v  v
  .--------------------------------------.
 /             Record CMW               /
`--------------------------------------']]></artwork>
        </artset>
      </figure>
    </section>

    <section numbered="false" anchor="acknowledgments">
      <name>Acknowledgments</name>
      <t>The authors would like to thank <contact fullname="Alexey
      Melnikov"/>, <contact fullname="Amanda Baber"/>, <contact
      fullname="Benjamin Schwartz"/>, <contact fullname="Brian Campbell"/>,
      <contact fullname="Carl Wallace"/>, <contact fullname="Carsten
      Bormann"/>, <contact fullname="Christian Amsüss"/>, <contact
      fullname="Dave Thaler"/>, <contact fullname="Deb Cooley"/>,
      <contact fullname="Dionna Glaze"/>, <contact
      fullname="Éric Vyncke"/>, <contact fullname="Ionuț Mihalcea"/>, <contact
      fullname="Mahesh Jethanandani"/>, <contact fullname="Michael
      B. Jones"/>, <contact fullname="Mike Ounsworth"/>, <contact
      fullname="Michael StJohns"/>, <contact fullname="Mike Bishop"/>,
      <contact fullname="Mohamed Boucadair"/>, <contact fullname="Mohit
      Sethi"/>, <contact fullname="Orie Steele"/>, <contact fullname="Paul
      Howard"/>, <contact fullname="Peter Yee"/>, <contact fullname="Russ
      Housley"/>, <contact fullname="Steven Bellock"/>, <contact fullname="Tim
      Bray"/>, <contact fullname="Tom Jones"/>, and <contact fullname="Usama
      Sardar"/> for their reviews and suggestions.</t>
      <t>The definition of a Collection CMW has been modeled on a proposal
      originally made by <contact fullname="Simon Frost"/> for an EAT-based
      Evidence collection type.  The Collection CMW aims at superseding it by
      generalizing the allowed Evidence formats.</t>
    </section>

    <section anchor="contributors" numbered="false" toc="include" removeInRFC="false">
      <name>Contributors</name>
      <contact initials="L." surname="Lundblade" fullname="Laurence Lundblade">
        <organization>Security Theory LLC</organization>
        <address>
          <email>lgl@securitytheory.com</email>
        </address>
      </contact>
      <t>Laurence made significant contributions to enhancing the security requirements and considerations for Collection CMWs.</t>
    </section>
  </back>
</rfc>
