Arm's Platform Security Architecture (PSA) Attestation Token

The information below is for an old version of the document
Document Type Expired Internet-Draft (individual)
Authors Hannes Tschofenig  , Simon Frost  , Mathias Brossard  , Adrian Shaw  , Thomas Fossati 
Last updated 2020-09-07 (latest revision 2020-03-06)
Stream (None)
Intended RFC status (None)
Expired & archived
pdf htmlized (tools) htmlized bibtex
Additional Resources
Stream Stream state (No stream defined)
Consensus Boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at


The Platform Security Architecture (PSA) is a family of hardware and firmware security specifications, as well as open-source reference implementations, to help device makers and chip manufacturers build best-practice security into products. Devices that are PSA compliant are able to produce attestation tokens as described in this memo, which are the basis for a number of different protocols, including secure provisioning and network access control. This document specifies the PSA attestation token structure and semantics. At its core, the CWT (COSE Web Token) format is used and populated with a set of claims in a way similar to EAT (Entity Attestation Token). This specification describes what claims are used by PSA compliant systems.


Hannes Tschofenig (
Simon Frost (
Mathias Brossard (
Adrian Shaw (
Thomas Fossati (

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)