mcr
commented
2 years ago see #378.
Closed mcr closed 2 years ago
mcr
commented
2 years ago see #378.
dthaler
commented
2 years ago Maybe #378 fixed this one along with #375
** Section 12.2
It is also important that the appraisal policy was itself obtained securely. If an attacker can configure appraisal policies for a Relying Party or for a Verifier, then integrity of the process is compromised.
In addition to reconfiguration, wouldn't the ability to intercept either the appraisal policy for evidence or attestation results potentially provide the attacker insight into defensive mitigations? This suggests that this policy might need confidentiality protection.