Cardinality & Location of
Location of Private Key Trust Anchor
Purpose Private Key Signs Store
------------------ ----------- ------------- -------------
Authenticating TEE 1 per TEE TEEP responses TAM
Authenticating TAM 1 per TAM TEEP requests TEEP Agent
Code Signing 1 per Trusted TA binary TEE
Component
Signer
Figure 4: Signature Keys
Authenticating TEE is a bit misleading because one could argue that the attestation provides authentication of the TEE and the TEEP response signing only authenticates the TEEP agent running within the TEE.
dthaler
commented
3 years ago
Authenticating TEE is a bit misleading because one could argue that the attestation provides authentication of the TEE and the TEEP response signing only authenticates the TEEP agent running within the TEE.