Script updating gh-pages from a99f6a3. [ci skip]

ietf-rats-wg · Sep 17, 2023 · 7c405ff · 7c405ff
1 parent 4338e35
commit 7c405ff
Show file tree

Hide file tree

Showing 3 changed files with 902 additions and 864 deletions.
diff --git a/draft-ietf-rats-eat.html b/draft-ietf-rats-eat.html
@@ -1212,13 +1212,13 @@ <h2 id="name-copyright-notice">
                     <p id="section-toc.1-1.4.2.2.2.3.1"><a href="#section-4.2.3" class="xref">4.2.3</a>.  <a href="#name-oemid-hardware-oem-identifi" class="xref">oemid (Hardware OEM Identification) Claim</a></p>
 <ul class="compact toc ulBare ulEmpty">
 <li class="compact toc ulBare ulEmpty" id="section-toc.1-1.4.2.2.2.3.2.1">
-                        <p id="section-toc.1-1.4.2.2.2.3.2.1.1"><a href="#section-4.2.3.1" class="xref">4.2.3.1</a>.  <a href="#name-random-number-based-oemid" class="xref">Random Number Based OEMID</a></p>
+                        <p id="section-toc.1-1.4.2.2.2.3.2.1.1"><a href="#section-4.2.3.1" class="xref">4.2.3.1</a>.  <a href="#name-random-number-based-oem-id" class="xref">Random Number Based OEM ID</a></p>
 </li>
                       <li class="compact toc ulBare ulEmpty" id="section-toc.1-1.4.2.2.2.3.2.2">
-                        <p id="section-toc.1-1.4.2.2.2.3.2.2.1"><a href="#section-4.2.3.2" class="xref">4.2.3.2</a>.  <a href="#name-ieee-based-oemid" class="xref">IEEE Based OEMID</a></p>
+                        <p id="section-toc.1-1.4.2.2.2.3.2.2.1"><a href="#section-4.2.3.2" class="xref">4.2.3.2</a>.  <a href="#name-ieee-based-oem-id" class="xref">IEEE Based OEM ID</a></p>
 </li>
                       <li class="compact toc ulBare ulEmpty" id="section-toc.1-1.4.2.2.2.3.2.3">
-                        <p id="section-toc.1-1.4.2.2.2.3.2.3.1"><a href="#section-4.2.3.3" class="xref">4.2.3.3</a>.  <a href="#name-iana-private-enterprise-num" class="xref">IANA Private Enterprise Number Based OEMID</a></p>
+                        <p id="section-toc.1-1.4.2.2.2.3.2.3.1"><a href="#section-4.2.3.3" class="xref">4.2.3.3</a>.  <a href="#name-iana-private-enterprise-num" class="xref">IANA Private Enterprise Number Based OEM ID</a></p>
 </li>
                     </ul>
 </li>
@@ -2121,23 +2121,28 @@ <h4 id="name-oemid-hardware-oem-identifi">
 <p id="section-4.2.3-1">The "oemid" claim identifies the Original Equipment Manufacturer (OEM) of the hardware.
 Any of the three forms described below <span class="bcp14">MAY</span> be used at the convenience of the claim sender.
 The receiver of this claim <span class="bcp14">MUST</span> be able to handle all three forms.<a href="#section-4.2.3-1" class="pilcrow">¶</a></p>
-<div id="random-number-based-oemid">
+<p id="section-4.2.3-2">Note that the "hwmodel" claim in <a href="#hwmodel" class="xref">Section 4.2.4</a>, the "oemboot" claim in <a href="#oemboot" class="xref">Section 4.2.8</a> and "dbgstat" claim in <a href="#dbgstat" class="xref">Section 4.2.9</a> depend on this claim.<a href="#section-4.2.3-2" class="pilcrow">¶</a></p>
+<p id="section-4.2.3-3">Sometimes one manufacturer will acquire or merge with another.
+Depending on the situation and use case newly manfactured devices may continue to use the old OEM ID or switch to a new one.
+This is left to the discretion of the manufacturers, but they should consider how it affects the above-mentioned claims and the attestation eco-system for their devices.
+The considerations are the same for all three forms of this claim.<a href="#section-4.2.3-3" class="pilcrow">¶</a></p>
+<div id="random-number-based-oem-id">
 <section id="section-4.2.3.1">
-            <h5 id="name-random-number-based-oemid">
-<a href="#section-4.2.3.1" class="section-number selfRef">4.2.3.1. </a><a href="#name-random-number-based-oemid" class="section-name selfRef">Random Number Based OEMID</a>
+            <h5 id="name-random-number-based-oem-id">
+<a href="#section-4.2.3.1" class="section-number selfRef">4.2.3.1. </a><a href="#name-random-number-based-oem-id" class="section-name selfRef">Random Number Based OEM ID</a>
             </h5>
-<p id="section-4.2.3.1-1">The random number based OEMID <span class="bcp14">MUST</span> always be 16 bytes (128 bits) long.<a href="#section-4.2.3.1-1" class="pilcrow">¶</a></p>
-<p id="section-4.2.3.1-2">The OEM <span class="bcp14">MAY</span> create their own ID by using a cryptographic-quality random number generator.
+<p id="section-4.2.3.1-1">The random number based OEM ID <span class="bcp14">MUST</span> always be 16 bytes (128 bits) long.<a href="#section-4.2.3.1-1" class="pilcrow">¶</a></p>
+<p id="section-4.2.3.1-2">The OEM may create their own ID by using a cryptographic-quality random number generator.
 They would perform this only once in the life of the company to generate the single ID for said company.
 They would use that same ID in every entity they make.
 This uniquely identifies the OEM on a statistical basis and is large enough should there be ten billion companies.<a href="#section-4.2.3.1-2" class="pilcrow">¶</a></p>
 <p id="section-4.2.3.1-3">In JSON-encoded tokens this <span class="bcp14">MUST</span> be base64url-encoded.<a href="#section-4.2.3.1-3" class="pilcrow">¶</a></p>
 </section>
 </div>
-<div id="ieee-based-oemid">
+<div id="ieee-based-oem-id">
 <section id="section-4.2.3.2">
-            <h5 id="name-ieee-based-oemid">
-<a href="#section-4.2.3.2" class="section-number selfRef">4.2.3.2. </a><a href="#name-ieee-based-oemid" class="section-name selfRef">IEEE Based OEMID</a>
+            <h5 id="name-ieee-based-oem-id">
+<a href="#section-4.2.3.2" class="section-number selfRef">4.2.3.2. </a><a href="#name-ieee-based-oem-id" class="section-name selfRef">IEEE Based OEM ID</a>
             </h5>
 <p id="section-4.2.3.2-1">The IEEE operates a global registry for MAC addresses and company IDs.
 This claim uses that database to identify OEMs. The contents of the
@@ -2161,10 +2166,10 @@ <h5 id="name-ieee-based-oemid">
 <p id="section-4.2.3.2-5">In JSON-encoded tokens, this <span class="bcp14">MUST</span> be base64url-encoded and always 4 bytes.<a href="#section-4.2.3.2-5" class="pilcrow">¶</a></p>
 </section>
 </div>
-<div id="iana-private-enterprise-number-based-oemid">
+<div id="iana-private-enterprise-number-based-oem-id">
 <section id="section-4.2.3.3">
             <h5 id="name-iana-private-enterprise-num">
-<a href="#section-4.2.3.3" class="section-number selfRef">4.2.3.3. </a><a href="#name-iana-private-enterprise-num" class="section-name selfRef">IANA Private Enterprise Number Based OEMID</a>
+<a href="#section-4.2.3.3" class="section-number selfRef">4.2.3.3. </a><a href="#name-iana-private-enterprise-num" class="section-name selfRef">IANA Private Enterprise Number Based OEM ID</a>
             </h5>
 <p id="section-4.2.3.3-1">IANA maintains a registry for Private Enterprise Numbers (PEN) <span>[<a href="#PEN" class="xref">PEN</a>]</span>. A PEN is an integer that identifies an enterprise and may be
 used to construct an object identifier (OID) relative to the following OID arc that is managed by IANA:  iso(1) identified-organization(3) dod(6) internet(1) private(4) enterprise(1).<a href="#section-4.2.3.3-1" class="pilcrow">¶</a></p>
@@ -2284,7 +2289,7 @@ <h4 id="name-swversion-software-version-">
 </div>
 </section>
 </div>
-<div id="oemboot-oem-authorized-boot-claim">
+<div id="oemboot">
 <section id="section-4.2.8">
           <h4 id="name-oemboot-oem-authorized-boot">
 <a href="#section-4.2.8" class="section-number selfRef">4.2.8. </a><a href="#name-oemboot-oem-authorized-boot" class="section-name selfRef">oemboot (OEM Authorized Boot) Claim</a>
@@ -2300,7 +2305,7 @@ <h4 id="name-oemboot-oem-authorized-boot">
 </div>
 </section>
 </div>
-<div id="dbgstat-debug-status-claim">
+<div id="dbgstat">
 <section id="section-4.2.9">
           <h4 id="name-dbgstat-debug-status-claim">
 <a href="#section-4.2.9" class="section-number selfRef">4.2.9. </a><a href="#name-dbgstat-debug-status-claim" class="section-name selfRef">dbgstat (Debug Status) Claim</a>
@@ -4099,7 +4104,7 @@ <h3 id="name-cwt-and-jwt-claims-register">
         </ul>
 <p id="section-10.2-11"></p>
 <ul class="normal">
-<li class="normal" id="section-10.2-12.1">Claim Name: Hardware OEMID<a href="#section-10.2-12.1" class="pilcrow">¶</a>
+<li class="normal" id="section-10.2-12.1">Claim Name: Hardware OEM ID<a href="#section-10.2-12.1" class="pilcrow">¶</a>
 </li>
           <li class="normal" id="section-10.2-12.2">Claim Description: Hardware OEM ID<a href="#section-10.2-12.2" class="pilcrow">¶</a>
 </li>
@@ -5300,7 +5305,7 @@ <h3 id="name-collision-probability">
 <a href="#appendix-B.1" class="section-number selfRef">B.1. </a><a href="#name-collision-probability" class="section-name selfRef">Collision Probability</a>
         </h3>
 <p id="appendix-B.1-1">This calculation is to determine the probability of a collision of
-UEIDs given the total possible entity population and the number of
+type 0x01 UEIDs given the total possible entity population and the number of
 entities in a particular entity management database.<a href="#appendix-B.1-1" class="pilcrow">¶</a></p>
 <p id="appendix-B.1-2">Three different sized databases are considered. The number of devices
 per person roughly models non-personal devices such as traffic lights,
@@ -5483,8 +5488,8 @@ <h3 id="name-collision-probability">
           </tbody>
         </table>
 </div>
-<p id="appendix-B.1-19">Clearly, 128 bits is enough for the near future thus the requirement that UEIDs
-be a minimum of 128 bits.<a href="#appendix-B.1-19" class="pilcrow">¶</a></p>
+<p id="appendix-B.1-19">Clearly, 128 bits is enough for the near future thus the requirement
+that type 0x01 UEIDs be a minimum of 128 bits.<a href="#appendix-B.1-19" class="pilcrow">¶</a></p>
 <p id="appendix-B.1-20">There is no requirement for 256 bits today as quadrillion-record databases
 are not expected in the near future and because this time-to-collision
 calculation is a very worst case.  A future update of the standard may
@@ -5858,6 +5863,10 @@ <h3 id="name-from-draft-ietf-rats-eat-21">
           <li class="normal" id="appendix-G.1-1.6">Change "Indicate" to "Indcates"<a href="#appendix-G.1-1.6" class="pilcrow">¶</a>
 </li>
           <li class="normal" id="appendix-G.1-1.7">Require "oemid" claim for "oemboot" claim and debug state of permanently disabled.<a href="#appendix-G.1-1.7" class="pilcrow">¶</a>
+</li>
+          <li class="normal" id="appendix-G.1-1.8">Clarify what happens to OEM ID when companies merge<a href="#appendix-G.1-1.8" class="pilcrow">¶</a>
+</li>
+          <li class="normal" id="appendix-G.1-1.9">"OEMID" -&gt; "OEM ID"<a href="#appendix-G.1-1.9" class="pilcrow">¶</a>
 </li>
         </ul>
 </section>

diff --git a/draft-ietf-rats-eat.txt b/draft-ietf-rats-eat.txt
@@ -74,9 +74,9 @@ Table of Contents
          4.2.1.2.  Rules for Consuming UEIDs
        4.2.2.  sueids (Semi-permanent UEIDs) Claim (SUEIDs)
        4.2.3.  oemid (Hardware OEM Identification) Claim
-         4.2.3.1.  Random Number Based OEMID
-         4.2.3.2.  IEEE Based OEMID
-         4.2.3.3.  IANA Private Enterprise Number Based OEMID
+         4.2.3.1.  Random Number Based OEM ID
+         4.2.3.2.  IEEE Based OEM ID
+         4.2.3.3.  IANA Private Enterprise Number Based OEM ID
        4.2.4.  hwmodel (Hardware Model) Claim
        4.2.5.  hwversion (Hardware Version) Claim
        4.2.6.  swname (Software Name) Claim
@@ -816,12 +816,24 @@ Table of Contents
    used at the convenience of the claim sender.  The receiver of this
    claim MUST be able to handle all three forms.
 
-4.2.3.1.  Random Number Based OEMID
+   Note that the "hwmodel" claim in Section 4.2.4, the "oemboot" claim
+   in Section 4.2.8 and "dbgstat" claim in Section 4.2.9 depend on this
+   claim.
 
-   The random number based OEMID MUST always be 16 bytes (128 bits)
+   Sometimes one manufacturer will acquire or merge with another.
+   Depending on the situation and use case newly manfactured devices may
+   continue to use the old OEM ID or switch to a new one.  This is left
+   to the discretion of the manufacturers, but they should consider how
+   it affects the above-mentioned claims and the attestation eco-system
+   for their devices.  The considerations are the same for all three
+   forms of this claim.
+
+4.2.3.1.  Random Number Based OEM ID
+
+   The random number based OEM ID MUST always be 16 bytes (128 bits)
    long.
 
-   The OEM MAY create their own ID by using a cryptographic-quality
+   The OEM may create their own ID by using a cryptographic-quality
    random number generator.  They would perform this only once in the
    life of the company to generate the single ID for said company.  They
    would use that same ID in every entity they make.  This uniquely
@@ -830,7 +842,7 @@ Table of Contents
 
    In JSON-encoded tokens this MUST be base64url-encoded.
 
-4.2.3.2.  IEEE Based OEMID
+4.2.3.2.  IEEE Based OEM ID
 
    The IEEE operates a global registry for MAC addresses and company
    IDs.  This claim uses that database to identify OEMs.  The contents
@@ -859,7 +871,7 @@ Table of Contents
    In JSON-encoded tokens, this MUST be base64url-encoded and always 4
    bytes.
 
-4.2.3.3.  IANA Private Enterprise Number Based OEMID
+4.2.3.3.  IANA Private Enterprise Number Based OEM ID
 
    IANA maintains a registry for Private Enterprise Numbers (PEN) [PEN].
    A PEN is an integer that identifies an enterprise and may be used to
@@ -2789,7 +2801,7 @@ Table of Contents
    *  Specification Document(s): *this document*
 
 
-   *  Claim Name: Hardware OEMID
+   *  Claim Name: Hardware OEM ID
 
    *  Claim Description: Hardware OEM ID
 
@@ -3867,8 +3879,8 @@ Appendix B.  UEID Design Rationale
 B.1.  Collision Probability
 
    This calculation is to determine the probability of a collision of
-   UEIDs given the total possible entity population and the number of
-   entities in a particular entity management database.
+   type 0x01 UEIDs given the total possible entity population and the
+   number of entities in a particular entity management database.
 
    Three different sized databases are considered.  The number of
    devices per person roughly models non-personal devices such as
@@ -3982,7 +3994,7 @@ B.1.  Collision Probability
                    Table 7: UEID Collision Probability
 
    Clearly, 128 bits is enough for the near future thus the requirement
-   that UEIDs be a minimum of 128 bits.
+   that type 0x01 UEIDs be a minimum of 128 bits.
 
    There is no requirement for 256 bits today as quadrillion-record
    databases are not expected in the near future and because this time-
@@ -4419,6 +4431,10 @@ G.1.  From draft-ietf-rats-eat-21
    *  Require "oemid" claim for "oemboot" claim and debug state of
       permanently disabled.
 
+   *  Clarify what happens to OEM ID when companies merge
+
+   *  "OEMID" -> "OEM ID"
+
 Contributors
 
    Many thanks to the following contributors to draft versions of this