Skip to content

Expand security considerations#4

Open
bremoran wants to merge 1 commit intomainfrom
f/considerations
Open

Expand security considerations#4
bremoran wants to merge 1 commit intomainfrom
f/considerations

Conversation

@bremoran
Copy link
Owner

@bremoran bremoran commented Mar 13, 2023

Resolves comments from IETF115:

DT: How might you carry a SUIT report in an EAT?
Brendan: We need to define a new EAT claim for this for a SUIT report.

DT: Do you encrypt the SUIT report or use an EAT encrypted EAT?
HB: We should not assume that EAT will always have responsibility for encryption
Brendan: What do we do when the SUIT report is not sent in an EAT?
DT: In security consideration, we should discuss individually encrypting multiple items, or encrypting all the items as an encrypted EAT. This should be documented in EAT.

MR: What about privacy considerations? How do we handle a status tracker that needs this information? Is there a need to recharter for this?
Brendan: Alternative: TEEP doesn’t restrict use to only a TEE. A status tracker could use this information.

DT: What do supported identifiers mean for a non-constrained device?
Brendan: Wildcards can be used for this.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@bremoran

Comments