ietf-rats-wg / draft-ietf-rats-reference-interaction-models

Referenceable Interaction Models for use in RATS

Authentication Secret ID #15

Closed henkbirkholz closed 3 years ago

henkbirkholz commented 3 years ago

Based on https://mailarchive.ietf.org/arch/msg/rats/okJriJPpapmZgeOfjbVGVP57bQk/

Authentication Secret IDs ('authSecID'): mandatory

A statement representing an identifier list that MUST be associated with corresponding Authentication Secrets used to protect Evidence.

The previous section says “Authentication Secret” is used to protect Claims, but here it says it’s used to protect Evidence.

henkbirkholz commented 3 years ago

As I understand, if Authentication Secret represents the identity of Attesting Environment, then it’s not mandatory, at least in our implementation.

eckelmeckel commented 3 years ago

TL;DR: “Authentication Secret” protects evidence (i.e. a TPM Quote) and must be mandatory.

Please also have a look at my comment https://github.com/ietf-rats-wg/draft-ietf-rats-reference-interaction-models/issues/12#issuecomment-810613988.

Feel free to correct me. :-)