provision steps in section 4.1

[PenglinYang]

3. TAM requests remote attestation to the TEEP Agent, TEEP Agent
then response thesends evidence to TAM. The TAM works as the relying
party and forwards the attestation result to network user.
4. After verification, the network user transfers the package to TAM
and let TAM to transfer the package to TEEP Agent.
5. Network user establishes secure channel with TEEP agent via TAM,
and transfers decryption key to TEEP Agent.

These three steps need to be clarified.

The network user could transfer encrypted package before attestation for efficiency.
Either the user and TEEP agent could use some attested TLS protocol for key release that doesn't involve the TAM, or else the key could be considered as separate PD where the user is its own TAM for that piece, and use the TEEP protocol between TEEP Agent and network user to transfer the decryption key.

[PenglinYang]

3. TAM requests remote attestation to the TEEP Agent, TEEP Agent then sends the evidence to TAM. The TAM works as Verifier in RATs architecture.
4. After verification, Network User works as Relying Party receives the attestation result. If positive, Network User transfers the package to TEEP Agent.
5. Network user establishes secure channel with TEEP agent, and transfers the package to TEEP Agent.
6. TEEP Agent deploys TA and personalization data, then deploy UA in REE via TEEP Broker.

Delete the decryption key expression. If the secure channel is established, Network user could transfer plaintext package.