Add an optional boolean flag (defaulting to false) to the psa-swcomp-id that, if asserted, marks the swcomp as containing a measurement of some configuration data:
psa-swcomp-id = {
psa.measurement-type => text
psa.version => text
psa.signer-id => psa.hash-type
? psa.is-config => bool .default false
}
As per discussion starting at https://github.com/thomas-fossati/draft-psa-token/issues/71#issuecomment-1418944582 we want to allow a verifier to tell whether a measurement is FW/SW or configuration.
Proposal
Add an optional boolean flag (defaulting to false) to the
psa-swcomp-idthat, if asserted, marks the swcomp as containing a measurement of some configuration data: