View Issue Details

ID: 0005940
Project: NodeSets, XSDs and Generated Code
Category: Api Change
View Status: public
Last Update: 2021-02-23 17:35
Reporter: Jim Luth
Assigned To: Randy Armstrong
Priority: normal
Severity: major
Reproducibility: have not tried
Status: closed
Resolution: fixed
Summary: 0005940: Key attestation feature added for 1.05 needs discussion
Description

The 1.05 draft for Part 12 contains a new feature for key attestation defined as part of the MachineConfigurationType.

This works only for the Pull model and requires additional handling.

It would be easier to extend the existing certificate signing request handling by adding the key attestation information into the signing request.

The following specification defines how this works:
https://trustedcomputinggroup.org/wp-content/uploads/IWG_SKAE_Extension_1-00.pdf
See 3.1

Not sure if we can just use this definition, but we need something that works for PUSH and PULL.

Tags: No tags attached.
Commit Version
Fix Due Date

Relationships

related to 0005651 - closed - Randy Armstrong - 10000-012: Discovery - Key attestation feature added for 1.05 needs discussion

Activities

Jim Luth

2020-09-14 17:56

administrator   ~0012813

Agreed to delete this from Part 12, then clone issue to Part 21 for full resolution.

Randy Armstrong

2020-09-14 17:56

administrator   ~0012814

Defined push and pull model for attestation and linked it to provisioning model.
The TCG specification leaves a lot to the reader (such as management of AIK, format of evidence, etc).
A cohesive solution made more sense.

Randy Armstrong

2020-09-14 17:56

administrator   ~0012815

After some discussion it was agreed that the UA server is dependent on the device maker and any attestation evidence could be faked by a device maker. For that reason the feature will not be implemented.

Instead a simple property was added to the ServerConfiguration Object that indicates whether a SecureElement is being used by the server.

Randy Armstrong

2020-11-16 07:20

administrator   ~0013219

Added HasSecureElement to UA-1.05-2020-11-20

Jim Luth

2021-02-23 17:35

administrator   ~0013779

Agreed to changes in telecon.

Issue History

Date Modified Username Field Change
2020-09-14 17:56 Jim Luth New Issue
2020-09-14 17:56 Jim Luth Status new => assigned
2020-09-14 17:56 Jim Luth Assigned To => Randy Armstrong
2020-09-14 17:56 Jim Luth Issue generated from: 0005651
2020-09-14 17:56 Jim Luth Note Added: 0012813
2020-09-14 17:56 Jim Luth Note Added: 0012814
2020-09-14 17:56 Jim Luth Note Added: 0012815
2020-09-14 17:56 Jim Luth Relationship added related to 0005651
2020-09-14 17:57 Jim Luth Project 10000-012: Discovery => NodeSets, XSDs and Generated Code
2020-09-14 17:57 Jim Luth Category Spec => Api Change
2020-11-10 17:21 Jim Luth Target Version => 1.05
2020-11-16 07:20 Randy Armstrong Status assigned => resolved
2020-11-16 07:20 Randy Armstrong Resolution open => fixed
2020-11-16 07:20 Randy Armstrong Note Added: 0013219
2021-02-23 17:35 Jim Luth Status resolved => closed
2021-02-23 17:35 Jim Luth Fixed in Version => 1.05
2021-02-23 17:35 Jim Luth Note Added: 0013779