Closed muhammad-usama-sardar closed 9 months ago
- The following is NOT always applicable:
where actual state has a single value per claim per component applying to one device at one point in time, reference state has a set of values per claim per component (§2)
It may very well be the case that there is only one Reference Value per Claim per component (e.g., MRENCLAVE in SGX).
There is no contradiction. A single-value can still be represented as a set of size one in such a case.
- The following is NOT always the case:
Actual state: Evidence, Endorsements, Attestation Results (§2.1)
As a counterexample, CPUSVN inside PCK cert (Endorsement) may be older than the one in Evidence (QE Report Body).
I don't understand the relevance of your statement to the quoted text. Please clarify your feedback. I suspect the "Conditionally Endorsed Values" section will be the answer to your question.
- I think the draft currently focuses on a very specific case rather than the goal stated in the abstract:
explains the purpose and role of Endorsements
One of the major purposes of Endorsements is to provide identity endorsement, which is never discussed in the draft.
Draft-02 added section 4 "Endorsing Identity".
- Clarify "group of claims" vs. "set of claims" (e.g., as used in §2)
"set of claims" is used synonymously with "claimset" in other documents, where Evidence can have multiple claimsets, one per component. I'm using "group of claims" to refer to a set of claimsets. Will clarify.
- Clarify the definition of "Claim" and explain:
for our purposes we will treat such a list as a single unit (§2)
For example, I am thinking about attributes and Security Version Numbers in SGX/TDX. For instance, SGX TCB Security Version Number (SVN) has 16 components, so would each component be treated as a Claim, or would the SVN be treated as a single unit?
The hardware is a component, and has multiple claims of which SVN might be one unit if the EAT profile (or CORIM or whatever else) defined it as such.
- Clarify "reference values" vs. "Reference Values"
Should be the latter for consistency.
- The following is NOT always applicable:
where actual state has a single value per claim per component applying to one device at one point in time, reference state has a set of values per claim per component (§2)
It may very well be the case that there is only one Reference Value per Claim per component (e.g., MRENCLAVE in SGX).
There is no contradiction. A single-value can still be represented as a set of size one in such a case.
If both actual state and reference state can be represented as sets, then the distinction between actual state and reference state in the draft is very weak. The distinction should be more precisely clarified.
- The following is NOT always the case:
Actual state: Evidence, Endorsements, Attestation Results (§2.1)
As a counterexample, CPUSVN inside PCK cert (Endorsement) may be older than the one in Evidence (QE Report Body).
I don't understand the relevance of your statement to the quoted text. Please clarify your feedback. I suspect the "Conditionally Endorsed Values" section will be the answer to your question.
Just to clarify, this was not supposed to be a question. This was supposed to be a counter-example that as opposed to what the draft (e.g., quoted text) says, Endorsements may not always represent actual state.
- I think the draft currently focuses on a very specific case rather than the goal stated in the abstract:
explains the purpose and role of Endorsements
One of the major purposes of Endorsements is to provide identity endorsement, which is never discussed in the draft.
Draft-02 added section 4 "Endorsing Identity".
Thanks, I was reviewing draft-01. I will have a look.
- Clarify "group of claims" vs. "set of claims" (e.g., as used in §2)
"set of claims" is used synonymously with "claimset" in other documents, where Evidence can have multiple claimsets, one per component. I'm using "group of claims" to refer to a set of claimsets. Will clarify.
I hope to see this question clarified: Is one "component" representing precisely one Target Environment? I think that will precisely distinguish "set of claims"/"claimset" and "group of claims"
- Clarify the definition of "Claim" and explain:
for our purposes we will treat such a list as a single unit (§2)
For example, I am thinking about attributes and Security Version Numbers in SGX/TDX. For instance, SGX TCB Security Version Number (SVN) has 16 components, so would each component be treated as a Claim, or would the SVN be treated as a single unit?
The hardware is a component, and has multiple claims of which SVN might be one unit if the EAT profile (or CORIM or whatever else) defined it as such.
This is very ambiguous to me. The definition of Claim that is used in the draft should be independent of EAT profile/CORIM.
It may very well be the case that there is only one Reference Value per Claim per component (e.g., MRENCLAVE in SGX).
As a counterexample, CPUSVN inside PCK cert (Endorsement) may be older than the one in Evidence (QE Report Body).
One of the major purposes of Endorsements is to provide identity endorsement, which is never discussed in the draft.
Clarify "group of claims" vs. "set of claims" (e.g., as used in §2)
Clarify the definition of "Claim" and explain:
For example, I am thinking about attributes and Security Version Numbers in SGX/TDX. For instance, SGX TCB Security Version Number (SVN) has 16 components, so would each component be treated as a Claim, or would the SVN be treated as a single unit?