hi Nancy, sorry I couldn't be there!
", "time": "2023-07-26T16:30:38Z"}, {"author": "Kathleen Moriarty", "text": "Good morning!
", "time": "2023-07-26T16:32:06Z"}, {"author": "Nancy Cam-Winget", "text": "Hi Guy, welcome!
", "time": "2023-07-26T16:34:09Z"}, {"author": "Dave Thaler", "text": "We pushed the ta-store doc to another WG and we just reference it. Sounds good to me for this one too.
", "time": "2023-07-26T17:09:39Z"}, {"author": "Mike Ounsworth", "text": "I just want to point out that Carl is not online for this meeting :(
", "time": "2023-07-26T17:12:21Z"}, {"author": "Carl Wallace", "text": "I am listening, but am zulip and audio stream this time. sorry about that.
", "time": "2023-07-26T17:15:25Z"}, {"author": "Thomas Hardjono", "text": "Is this the point to talk about device profiles?
", "time": "2023-07-26T17:26:49Z"}, {"author": "Thomas Hardjono", "text": "So that a verifier knows that a HW vendor cannot make claims about Apps
", "time": "2023-07-26T17:27:23Z"}, {"author": "Nancy Cam-Winget", "text": "I can see the device profile being a use case from the claim sets that this draft is about
", "time": "2023-07-26T17:30:14Z"}, {"author": "Carl Wallace", "text": "trust anchor constraints are relevant to this topic as well
", "time": "2023-07-26T17:31:25Z"}, {"author": "Guy Fedorkow", "text": "Laurence is right -- Identity and Attestation keys are quite distinct in some of our worlds
", "time": "2023-07-26T17:31:45Z"}, {"author": "Thomas Hardjono", "text": "The profile file carries the information needed for the logic inside the Verifier to help the Verifier decide (if something is wrong).
", "time": "2023-07-26T17:31:51Z"}, {"author": "Thomas Hardjono", "text": "Else, the Verifiefr will need to have a whole table/logic needed to separate the 4 layers (and sub components)
", "time": "2023-07-26T17:32:27Z"}, {"author": "Thomas Hardjono", "text": "When talking about \"Identity\", could we be more precise on the usage. eg. qualify it.
", "time": "2023-07-26T17:34:14Z"}, {"author": "Thomas Hardjono", "text": "e.g. Endorser identity; Endroser signer identity; etc. etc.
", "time": "2023-07-26T17:34:42Z"}, {"author": "Mike Ounsworth", "text": "tls-attestation:
\nI have the same question as Ned: is the attestation engine providing a key for signing (authenticating) the TLS handshake?
\n--> It seems from the next slide that the answer is yes.
How do you put evidence into a CMW into a cert? Isn't evidence dynamic, and isn't certs very much non-dynamic?
", "time": "2023-07-26T17:51:34Z"}, {"author": "Nancy Cam-Winget", "text": "@Mike are you remote? You can get in the queue to ask your question directly....if you can't let us know and we can relay your question
", "time": "2023-07-26T17:53:03Z"}, {"author": "Mike Ounsworth", "text": "@Nancy Cam-Winget sure
", "time": "2023-07-26T17:53:20Z"}, {"author": "Michael StJohns", "text": "I think this only makes sense for the ephemeral keys of the exchange. The identity key in the x509 cert would be attested when the cert was issued.
", "time": "2023-07-26T17:58:26Z"}, {"author": "Mike Ounsworth", "text": "Michael StJohns said:
\n\n\nI think this only makes sense for the ephemeral keys of the exchange. The identity key in the x509 cert would be attested when the cert was issued.
\n
My understanding is that, for example, a network gateway would only allow devices to complete a TLS connection if the devices has an acceptable (platform?) attestation.
\nI think that makes the attestation (potentially) orthogonal to the identity.