chipsalliance / Caliptra

Caliptra IP and firmware for integrated Root of Trust block
Apache License 2.0

Certificate OIDs #32

Open bluegate010 opened 1 year ago

bluegate010 commented 1 year ago

There had been a question of what kind of SPDM OIDs we might need to add to the alias certs generated by Caliptra. We discussed how SPDM is introducing the "generic certificate model" where no OIDs are needed, so no problem here. However, in the latest draft, SPDM Slot 0 is required to use either the Device cert model or Alias cert model, and not the Generic cert model.

That being said, there is no "shall" requirement directing the use of these OIDs - they are only "strongly recommended for new deployments".

SPDM 1.3 is still in draft form. We could ask that the stricture against generic certs in slot 0 be lifted. Or, we could work to add the necessary OIDs in the certs generated by Caliptra. In either case I don't think any changes are necessary to ROM.

steven-bellock commented 1 year ago

> SPDM 1.3 is still in draft form.

It won't be for long, so if you want it to be resolved in 1.3 you should file an issue today (preferably yesterday).