Open PenglinYang opened 2 years ago
_3. TAM requests remote attestation to the TEEP Agent, TEEP Agent then sends the evidence to TAM. The TAM works as the Verifier in the RATS architecture._
Delete the decryption key expression. If the secure channel is established, the network user could transfer a plaintext package.
_3. TAM requests remote attestation to the TEEP Agent, TEEP Agent then sends evidence to TAM. The TAM works as the relying party and forwards the attestation result to the network user._
These three steps need to be clarified.
The network user could transfer an encrypted package before attestation for efficiency. Either the user and TEEP Agent could use some attested TLS protocol for key release that doesn't involve the TAM, or else the key could be considered as a separate PD where the user is its own TAM for that piece, and use the TEEP protocol between the TEEP Agent and the network user to transfer the decryption key.