thomas-fossati
commented
4 weeks ago Is cached certificate collateral for helping interpret evidence... reference value? Endorsement? Or some new indicator?
Looks like endorsements: 1 to me.
Closed deeglaze closed 4 weeks ago
thomas-fossati
commented
4 weeks ago Is cached certificate collateral for helping interpret evidence... reference value? Endorsement? Or some new indicator?
Looks like endorsements: 1 to me.
deeglaze
commented
4 weeks ago Good enough for me
On AMD SEV-SNP, every machine has its own attestation-signing key that is cached on the node. The VMM is permitted to give the certificate to the guest in an "auxblob" as a means of avoiding a runtime dependency on a low query-per-second (QPS) service that provides the certificates given data that is available in the attestation reports (product, CHIP_ID and TCB_VERSION).
To help out the attestation verification service, we pass that certificate along to allow it to avoid its own fetch from a cache. My thinking was that we'd put this in the CMW under an x509 certificate content type (
application/pem-certificate-chainmaybe?application/x-x509-ca-certseems like a misnomer) but with an indicator that it's an attestation key certificate, or as an endorsement with a new content type that I negotiate with AMD to register with the IANA.Is cached certificate collateral for helping interpret evidence... reference value? Endorsement? Or some new indicator? If AMD were to write its certificate provisioning service with CoRIM in mind, they might provide their x.509 certificate in a corim's cose headers, where the corim just describes the data that are currently in the x.509 extensions https://www.amd.com/content/dam/amd/en/documents/epyc-technical-docs/specifications/57230.pdf. I'm guessing since there's no reference or endorsement triple involved in giving the attestation key data... it's a new indicator?