add clarification around signers by Laurence

.github/CODEOWNERS

@@ -1,3 +1,3 @@
 # Automatically generated CODEOWNERS
 # Regenerate with `make update-codeowners`
-draft-fft-rats-eat-measured-component.md
+draft-ietf-rats-eat-measured-component.md [email protected] [email protected] [email protected]

.github/workflows/archive.yml

@@ -16,9 +16,11 @@ jobs:
   build:
     name: "Archive Issues and Pull Requests"
     runs-on: ubuntu-latest
+    permissions:
+      contents: write
     steps:
     - name: "Checkout"
-      uses: actions/checkout@v2
+      uses: actions/checkout@v4
 
     # Note: No caching for this build!
 
@@ -37,6 +39,6 @@ jobs:
         token: ${{ github.token }}
 
     - name: "Save Archive"
-      uses: actions/upload-artifact@v3
+      uses: actions/upload-artifact@v4
       with:
         path: archive.json

.github/workflows/ghpages.yml

@@ -18,16 +18,18 @@ jobs:
   build:
     name: "Update Editor's Copy"
     runs-on: ubuntu-latest
+    permissions:
+      contents: write
     steps:
     - name: "Checkout"
-      uses: actions/checkout@v3
+      uses: actions/checkout@v4
 
     - name: "Setup"
       id: setup
       run: date -u "+date=%FT%T" >>"$GITHUB_OUTPUT"
 
     - name: "Caching"
-      uses: actions/cache@v3
+      uses: actions/cache@v4
       with:
         path: |
           .refcache
@@ -51,7 +53,7 @@ jobs:
         token: ${{ github.token }}
 
     - name: "Archive Built Drafts"
-      uses: actions/upload-artifact@v3
+      uses: actions/upload-artifact@v4
       with:
         path: |
           draft-*.html

.github/workflows/publish.yml

@@ -4,14 +4,20 @@ on:
   push:
     tags:
       - "draft-*"
+  workflow_dispatch:
+    inputs:
+      email:
+        description: "Submitter email"
+        default: ""
+        type: string
 
 jobs:
   build:
     name: "Publish New Draft Version"
     runs-on: ubuntu-latest
     steps:
     - name: "Checkout"
-      uses: actions/checkout@v3
+      uses: actions/checkout@v4
 
     # See https://github.com/actions/checkout/issues/290
     - name: "Get Tag Annotations"
@@ -22,7 +28,7 @@ jobs:
       run: date -u "+date=%FT%T" >>"$GITHUB_OUTPUT"
 
     - name: "Caching"
-      uses: actions/cache@v3
+      uses: actions/cache@v4
       with:
         path: |
           .refcache
@@ -42,8 +48,10 @@ jobs:
       uses: martinthomson/i-d-template@v1
       with:
         make: upload
+      env:
+        UPLOAD_EMAIL: ${{ inputs.email }}
 
     - name: "Archive Submitted Drafts"
-      uses: actions/upload-artifact@v3
+      uses: actions/upload-artifact@v4
       with:
         path: "versioned/draft-*-[0-9][0-9].*"

.github/workflows/update.yml

@@ -24,7 +24,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
     - name: "Checkout"
-      uses: actions/checkout@v2
+      uses: actions/checkout@v4
 
     - name: "Update Generated Files"
       uses: martinthomson/i-d-template@v1

.gitignore

@@ -7,17 +7,17 @@
 *~
 .tags
 /*-[0-9][0-9].xml
+/.*.mk
 /.gems/
 /.refcache
-/.targets.mk
 /.venv/
 /.vscode/
 /lib
 /node_modules/
 /versioned/
 Gemfile.lock
 archive.json
-draft-fft-rats-eat-measured-component.xml
+draft-ietf-rats-eat-measured-component.xml
 package-lock.json
 report.xml
 !requirements.txt

CONTRIBUTING.md

@@ -15,6 +15,8 @@ repository constitutes Contributions to the IETF Standards Process
 You agree to comply with all applicable IETF policies and procedures, including,
 BCP 78, 79, the TLP, and the TLP rules regarding code components (e.g. being
 subject to a Simplified BSD License) in Contributions.
+
+
 ## Working Group Information
 
 Discussion of this work occurs on the [Remote ATtestation ProcedureS

Makefile

@@ -4,13 +4,17 @@ include $(LIBDIR)/main.mk
 $(LIBDIR)/main.mk:
 ifneq (,$(shell grep "path *= *$(LIBDIR)" .gitmodules 2>/dev/null))
 	git submodule sync
-	git submodule update $(CLONE_ARGS) --init
+	git submodule update --init
 else
-	git clone -q --depth 10 $(CLONE_ARGS) \
-	    -b main https://github.com/martinthomson/i-d-template $(LIBDIR)
+ifneq (,$(wildcard $(ID_TEMPLATE_HOME)))
+	ln -s "$(ID_TEMPLATE_HOME)" $(LIBDIR)
+else
+	git clone -q --depth 10 -b main \
+	    https://github.com/martinthomson/i-d-template $(LIBDIR)
+endif
 endif
 
-$(drafts_xml):: cddl/measured-component.cddl
+$(drafts_xml): cddl/measured-component.cddl
 
 cddl/measured-component.cddl: cddl/measured-component.cddlc; $(MAKE) -C cddl
 

README.md

@@ -1,17 +1,17 @@
-# A Measured Component Claim for EAT
+# EAT Measured Component
 
-This is the working area for the individual Internet-Draft, "A Measured Component Claim for EAT".
+This is the working area for the IETF [RATS Working Group](https://datatracker.ietf.org/group/rats/documents/) Internet-Draft, "EAT Measured Component".
 
-* [Editor's Copy](https://thomas-fossati.github.io/draft-fft-rats-eat-measured-component/#go.draft-fft-rats-eat-measured-component.html)
-* [Datatracker Page](https://datatracker.ietf.org/doc/draft-fft-rats-eat-measured-component)
-* [Individual Draft](https://datatracker.ietf.org/doc/html/draft-fft-rats-eat-measured-component)
-* [Compare Editor's Copy to Individual Draft](https://thomas-fossati.github.io/draft-fft-rats-eat-measured-component/#go.draft-fft-rats-eat-measured-component.diff)
+* [Editor's Copy](https://ietf-rats-wg.github.io/draft-ietf-rats-eat-measured-component/#go.draft-ietf-rats-eat-measured-component.html)
+* [Datatracker Page](https://datatracker.ietf.org/doc/draft-ietf-rats-eat-measured-component)
+* [Working Group Draft](https://datatracker.ietf.org/doc/html/draft-ietf-rats-eat-measured-component)
+* [Compare Editor's Copy to Working Group Draft](https://ietf-rats-wg.github.io/draft-ietf-rats-eat-measured-component/#go.draft-ietf-rats-eat-measured-component.diff)
 
 
 ## Contributing
 
 See the
-[guidelines for contributions](https://github.com/thomas-fossati/draft-fft-rats-eat-measured-component/blob/main/CONTRIBUTING.md).
+[guidelines for contributions](https://github.com/ietf-rats-wg/draft-ietf-rats-eat-measured-component/blob/main/CONTRIBUTING.md).
 
 Contributions can be made by creating pull requests.
 The GitHub interface supports creating pull requests using the Edit (✏) button.

cddl/Makefile

@@ -18,7 +18,7 @@ CLEANFILES += $(wildcard *.pretty)
 CLEANFILES += $(MCEAT_CDDL)
 CLEANFILES += $(MCEAT_CBOR_EXAMPLES)
 
-clean: ; -rm -f $(CLEANFILES)
+clean:: ; -rm -f $(CLEANFILES)
 .PHONY: clean
 
 check-examples: $(CBOR_EXAMPLES) $(CDDL)

draft-ietf-rats-eat-measured-component.md

@@ -140,7 +140,12 @@ The data model is inspired by the "PSA software component" claim ({{Section 4.4.
 
 ### Signer {#signer}
 
-A signer is an entity that digitally signs the measured component. For example, as in UEFI Secure Boot {{UEFI2}} and Arm Trusted Board Boot {{TBBR-CLIENT}}.
+A signer is an entity that digitally signs the measured component.
+Typically, the signature is verified during installation or when the measured component is executed by the boot ROM, operating system, or application launcher.
+For example, as in UEFI Secure Boot {{UEFI2}} and Arm Trusted Board Boot {{TBBR-CLIENT}}.
+Another example may be the controlling entity in an app store.
+It is important to note that a signer is different from the identity of the manufacturer of the component, such as would be found in a manifest like a payload CoSWID.
+
 A signer is associated with a public key.
 It could be an X.509 certificate, a raw public key, a public key thumbprint, or some other identifier that can be uniquely associated with the signing entity.
 In some cases, multiple parties may need to sign a component to indicate their endorsement or approval.