ietf-teep / teep-protocol

TEEP Protocol Specification

Which TEEP messages are protected with which ciphersuites #234

Closed dthaler closed 1 year ago

dthaler commented 2 years ago

Section 8 (Ciphersuites) currently says:

After a QueryResponse is received, the selected ciphersuite is used in subsequent TEEP messages (Install, Success, and Error).

Q1: must the same ciphersuite be used in both directions (TAM to Agent, Agent to TAM)?

I think "yes" is probably ok for now, which is implied in the quoted text above, but not explicitly stated. We could leave it to a TEEP extension if different mechanisms are needed in the future.

Q2: does that mean that the QueryResponse cannot be protected? Might the attestation payload and the SUIT reports in the QueryResponse be considered sensitive information in some cases?

I think the QueryResponse could be protected by the selected-ciphersuite. (The "selected-ciphersuite" is inside the TEEP message, but can the receiver figure it out from a COSE object?)

Q3: does that mean that an Error sent in response to a QueryRequest cannot be protected? Again the SUIT reports in the Error might be considered sensitive information in some cases.

Perhaps something like: if the TEEP Agent was able to select a ciphersuite from among the TAM's supported-ciphersuites, then use it to protect the Error message. Otherwise, protect the Error with a mandatory ciphersuite that the TEEP Agent supports.

mingpeiwk commented 2 years ago

Q1: I concur.

Q2: an agent can always use one of the mandatory methods to protect the query response. A TAM is expected to support all mandatory algorithms. Isn't algorithm (cipher-suite) a required property in the message?

Q3: agreed.

dthaler commented 2 years ago

Fixed in draft-11