Closed mingpeiwk closed 1 year ago
Agreed. How about the following revision?
The TAM is trusted by a device if the TAM's public key is, or chains up to, an authorized Trust Anchor in the device, and conforms with all constraints defined in the Trust Anchor.
Bob Halley commented:
In the section 4.1 definition of Trusted Application Manager, it says
If you have read carefully and remember the definiton of Trust Anchor, you realize this means the TAM is trusted subject to the constraints on its authority, but it might be good to reiterate this point here, as it reads like "is unconditionally trusted" if you don't remember the definition. Also, it was not clear if the chaining process could have further restricted the scope of the TAM, e.g. due to additional restrictions on certificates beneath the trust anchor.