ajcousi
commented
9 years ago Updated wording slightly - I don't think we should be more specific about what "securely store" means as there's many ways an OS can do it, and many vendors have different solutions (TPM,TEE, Encrypted, etc etc)
The OS shall implement functionality to securely store credentials to non-volatile memory.
The App Note here doesn't make any sense. It looks like it was copied directly from App On OS.
What does "securely store" mean? What are we going to consider as secure? Will we allow PBKDF2? is simple encryption of the cred store with keys hanging out in a text file cool (im joking but u get the point)?