View Issue Details

ID: 0005651
Project: 10000-012: Discovery
Category: Spec
View Status: public
Last Update: 2020-09-14 17:57
Reporter: Matthias Damm
Assigned To: Randy Armstrong
Priority: normal
Severity: major
Reproducibility: have not tried
Status: closed
Resolution: fixed
Summary: 0005651: Key attestation feature added for 1.05 needs discussion
Description

The 1.05 draft for Part 12 contains a new feature for key attestation defined as part of the MachineConfigurationType.

This works only for the Pull model and requires additional handling.

It would be easier to extend the existing certificate signing request handling by adding the key attestation information into the signing request.

The following specification defines how this works:
https://trustedcomputinggroup.org/wp-content/uploads/IWG_SKAE_Extension_1-00.pdf
See 3.1

Not sure if we can just use this definition, but we need something that works for PUSH and PULL.

Tags: No tags attached.

Relationships

related to 0005940 (closed, Randy Armstrong), NodeSets, XSDs and Generated Code: Key attestation feature added for 1.05 needs discussion

Activities

Jim Luth

2020-05-19 15:53

administrator   ~0012073

Agreed to delete this from Part 12, then clone issue to Part 21 for full resolution.

Randy Armstrong

2020-06-16 03:21

administrator   ~0012323

Defined push and pull model for attestation and linked it to provisioning model.
The TCG specification leaves a lot to the reader (such as management of AIK, format of evidence, etc.).
A cohesive solution made more sense.

Randy Armstrong

2020-09-14 17:56

administrator   ~0012812

After some discussion it was agreed that the UA server is dependent on the device maker and any attestation evidence could be faked by a device maker. For that reason the feature will not be implemented.

Instead a simple property was added to the ServerConfiguration Object that indicates whether a SecureElement is being used by the server.

Jim Luth

2020-09-14 17:57

administrator   ~0012816

Agreed to changes edited in virtual F2F.

Issue History

Date Modified Username Field Change
2020-05-14 15:21 Matthias Damm New Issue
2020-05-19 15:53 Jim Luth Note Added: 0012073
2020-05-19 15:53 Jim Luth Assigned To => Randy Armstrong
2020-05-19 15:53 Jim Luth Status new => assigned
2020-06-16 03:21 Randy Armstrong Status assigned => resolved
2020-06-16 03:21 Randy Armstrong Resolution open => fixed
2020-06-16 03:21 Randy Armstrong Note Added: 0012323
2020-09-14 17:56 Randy Armstrong Note Added: 0012812
2020-09-14 17:56 Jim Luth Issue cloned: 0005940
2020-09-14 17:56 Jim Luth Relationship added related to 0005940
2020-09-14 17:57 Jim Luth Status resolved => closed
2020-09-14 17:57 Jim Luth Fixed in Version => 1.05
2020-09-14 17:57 Jim Luth Note Added: 0012816