Page MenuHomePhabricator

Add missing claims to attestation token
Closed, ResolvedPublic


Adding the following missing claims to initial attestation token (IAT):

  • Security life cycle: global attribute of the device
  • HW version: Optional claim. Globally unique number in EAN-13 format identifying the GDSII that went to fabrication, HW and ROM.
  • Implementation ID: It represents the original implementation signer of the attestation key and identifies the contract between the report and verification.
  • Verification Service Indicator
  • Profile Definition
  • Software components:
    • Type
    • Measurement
    • Version
    • Measurement description
    • Security epoch
    • Signer ID
  • No software component case