Relationship to existing/future attestation standards #12

Open
dthaler opened this issue Mar 24, 2019 · 0 comments
Collaborator

dthaler commented Mar 24, 2019

One common attestation flow is where a device supplies claims/proof to an attestation server, which grants it a token (or cert chain, or quote, or whatever other synonym you want) that it can supply to various relying parties.

It might be desirable for OTrP to integrate with standard attestation mechanisms rather than define its own. The GetDeviceStateResponse message looks very similar to what one would want to supply to an attestation server. Should a TAM be able to return an attestation token/quote to the device? Or should attestation be done prior to sending the GetDeviceStateResponse and pass the token in the GetDeviceStateResponse?

It seems to me that it would be good if the TAM could return the attestation token/quote to the device, regardless of whether the TAM gets it from an attestation server, or the TAM is itself an attestation server.

This is related to architecture issue ietf-teep/architecture#17
