[svsm-devel] vTPM service attestation format update
Dionna Amalie Glaze
dionnaglaze at google.com
Fri Feb 21 02:17:48 CET 2025
I'd like to propose a new version to the vTPM protocol that is clearer
about its EK information.
It's possible to create multiple primary endorsement keys with
different algorithms.
For manifest version 1, we have a list of created primary keys in
TPM_ALG enum order, not creation order.
0x000 uint32 Number of primary endorsement keys
0x004 Variable Number-many TPMT_PUBLIC structures
I don't want to try to load a lot into this change request. For
reducing pain with make/activatecredential, there's more to discuss.
--
-Dionna Glaze, PhD, CISSP, CCSP (she/her)
More information about the Svsm-devel
mailing list