lamps-wg / csr-attestation

A CSR attribute to carry attestations.

evidenceId #156

Closed hannestschofenig closed 1 month ago

hannestschofenig commented 2 months ago

Hendrik raised this issue in this email to the list: https://mailarchive.ietf.org/arch/msg/spasm/p-1z2lkDwzq0JNvbWyzDf71aA0U/

I recommend at least adding an evidenceId field in the evidence-statement structure to have an explicit ID of each evidence-statement. This can be used to clearly identify which nonce was used for which evidence-statement.

HBrock commented 2 months ago

The goal is to have a unique ID for all evidence statements in a CSR to use them when requesting an attestation freshness nonce. As there are EvidenceStatements in EvidenceBundles, the IDs must be unique throughout all statements in all bundles. Therefore, I think adding an ID to the EvidenceStatement structure and using a 128-bit nonce as the ID should work. There may still be the case that an ID is reused in different statements in the same CSR. What do others think?

HBrock commented 1 month ago

After discussing the topic with Hannes, it will be sufficient to reuse the structure of the evidenceBundle.