> As a very minor nit, I'm surprised that the numbering of the relying
> parties is not the other way round, since presumably the flow talks to
> relying party 2 before relying party 1. As alternative suggestion
> could be to label them something like "Main Relying Party" and
> "Secondary Relying Party".
I'm gonna let Dave Thaler argue the final point here.
My understanding is that the commuication starts with talking to Relying
Party 1. It says, something like,
"Halt! Who goes there! Answer me These Questions
Three!^W^W^W^W^W
Show me the Evidence that you are vermin free!"
at which point, the Attester, having no fresh Attestation results from
Relying Party 2, goes over to the other attestation flow and gathers what it
needs.
In the TEEP case, the Relying Party 1 (like a Bank) is looking that a particular
Trusted
Application is loaded in the TEE (like a secure wallet). If it isn't, then
the mobile phone has to present Evidence to the TAM that it is suitably
vermin free in order to load the wallet app.
Okay, but in that case, I would think that text and perhaps diagram could be made clearer.
The direction of the arrows in the diagram seems to suggest that there is only a single communication to "Relying Party 1" which is the "Attestation Result".
Okay, but in that case, I would think that text and perhaps diagram could be made clearer.
The direction of the arrows in the diagram seems to suggest that there is only a single communication to "Relying Party 1" which is the "Attestation Result".