ietf-rats-wg · thomas-fossati · Dec 6, 2023 · Dec 1, 2023 · Dec 1, 2023 · Dec 1, 2023
diff --git a/cddl/corim-frags.mk b/cddl/corim-frags.mk
@@ -14,6 +14,7 @@ COMID_FRAGS += coswid-triple-record.cddl
 COMID_FRAGS += crypto-key-type-choice.cddl
 COMID_FRAGS += domain-dependency-triple-record.cddl
 COMID_FRAGS += domain-membership-triple-record.cddl
+COMID_FRAGS += mec-endorsement-triple-record.cddl
 COMID_FRAGS += domain-type-choice.cddl
 COMID_FRAGS += endorsed-triple-record.cddl
 COMID_FRAGS += entity-map.cddl

diff --git a/cddl/mec-endorsement-triple-record.cddl b/cddl/mec-endorsement-triple-record.cddl
@@ -0,0 +1,4 @@
+multi-env-conditional-endorsement-triple-record = [
+  conds: [ + stateful-environment-record ]
+  endorsements: [ + endorsed-triple-record ]
+]
diff --git a/cddl/triples-map.cddl b/cddl/triples-map.cddl
@@ -17,5 +17,7 @@ triples-map = non-empty<{
     [ + conditional-endorsement-series-triple-record ]
   ? &(conditional-endorsement-triples: 9) =>
     [ + conditional-endorsement-triple-record ]
+  ? &(mec-endorsement-triples: 10) =>
+    [ + multi-env-conditional-endorsement-triple-record ]
   * $$triples-map-extension
 }>
@@ -99,7 +99,7 @@ informative:
     seriesinfo: Version 1.0, Revision 0.19
     date: July 2020
     target: https://trustedcomputinggroup.org/wp-content/uploads/DICE-Layering-Architecture-r19_pub.pdf
-  IANA.concise-software-identifier: coswid-reg
+  IANA.coswid: coswid-reg
   SPDM:
     title: Security Protocol and Data Model (SPDM)
     author:
@@ -1186,6 +1186,32 @@ Evidence.
 {::include cddl/domain-membership-triple-record.cddl}
 ~~~
 
+
+
+#### Multi-Environment Conditional (MEC) Endorsements Triple {#sec-comid-triple-mec-endorsements}
+
+The semantics of the Multi-Environment Conditional (MEC) Endorsements Triple is as follows:
+
+> "IF accepted state matches the `cond` value, THEN `env` is associated with the endorsed value(s) `ends`."
+
+~~~ cddl
+{::include cddl/mec-endorsement-triple-record.cddl}
+~~~
+
+A `multi-env-conditional-endorsement-triple-record` has the following parameters:
+
+* `conds`: all target environments, along with a specific state, that need to match `state-triples` entries in the ACS for the endorsement(s) to apply
+* `endorsements`: endorsements that are added to the ACS `state-triples` if all `conds` match.
+
+The order in which MEC Endorsement triples are evaluated is important: different sorting may produce different end-results in the computed ACS.
+
+Therefore, the set of applicable MEC Endorsement triple MUST be topologically sorted based on the criterion that a MEC Endorsement triple is evaluated before another if its Target Environment and Endorsement pair is found in any of the stateful environments of the second triple.
+
+Notes:
+
+* In order to give the expected result, the condition must describe the expected context completely.
+* The scope of a single MEC triple encompasses an arbitrary amount of environments across all layers in an Attester.
-* The scope of a single MEC triple encompasses an arbitrary amount of environments across all layers in an Attester.
+* A single MEC triple can be used to make an endorsement conditional on multiple environments across layers or in different modules.
-* The scope of a single MEC triple encompasses an arbitrary amount of environments across all layers in an Attester.
+* A single MEC triple can be used to make an endorsement conditional on multiple environments across layers or in different modules.
+
 #### CoMID-CoSWID Linking Triple {#sec-comid-triple-coswid}
 
 A CoSWID triple relates reference measurements contained in one or more CoSWIDs