
Commit

make fix-lint
ounsworth committed Jul 1, 2024
1 parent b7af2a0 commit b435594
Showing 1 changed file with 6 additions and 6 deletions.
12 changes: 6 additions & 6 deletions draft-ounsworth-rats-pkix-evidence.md
@@ -942,7 +942,7 @@ The Key Claims are:
## Publishing Evidence in a certificate

The extension MUST NOT publish in the certificate any privacy-sensitive information
that could compromise the end device. What counts as privacy-sensitive will vary by
that could compromise the end device. What counts as privacy-sensitive will vary by
use case. For example, consider a few scenarios:

First, consider a Hardware Security Module (HSM) backing a public code-signing service.
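Review bot: the old and new copies of the line `that could compromise the end device. What counts as privacy-sensitive will vary by` render identically, so this hunk is a whitespace-only change, which matches the `make fix-lint` commit message and needs no further action. While touching the line, the phrase "compromise the end device" is imprecise for a privacy requirement: disclosed identifiers or version details expose the device's owner or deployment to identification and targeting rather than compromising the device itself, so consider "that could be used to identify or target the end device or its owner".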
@@ -955,21 +955,21 @@ purposes.

Third, consider small IoT devices such as un-patchable wireless sensors.
Here there may be no privacy concerns and in fact knowing exact hardware
and firmware version information could help edge gateways to deny network
and firmware version information could help edge gateways to deny network
access to devices with known vulnerabilities.

The CA MUST remove the original signature and certificate chain, which
The CA MUST remove the original signature and certificate chain, which
means that semantically the CA is asserting that it has appraised the Evidence
and that it chains to an attestation root that the CA trusts, without revealing
which root that is.

Beyond that, a CA MUST have a configurable mechanism to control which information
is to be copied from the provided Evidence into the certificate, for example this
could be configured within a certificate profile or Certificate Practice Statement
(CPS) and this must be considered on a case-by-base basis. To protect end-user
could be configured within a certificate profile or Certificate Practice Statement
(CPS) and this must be considered on a case-by-base basis. To protect end-user
privacy, CA operators should err on the
side of caution and exclude information that is not clearly essential for security
verification by relying parties. Avoiding unnecessary claims also mitigates the risk
verification by relying parties. Avoiding unnecessary claims also mitigates the risk
of targeted attacks, where an
attacker could exploit knowledge of hardware versions, models, etc.

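Review bot: `case-by-base basis` on the changed line `(CPS) and this must be considered on a case-by-base basis. To protect end-user` is a typo for "case-by-case" and is carried over unchanged by this lint pass; fix it here rather than in a separate commit. On the same lines, the lowercase "must be considered" and "should err on the side of caution" sit two lines below a normative "MUST have a configurable mechanism", so a reader cannot tell whether they are RFC 2119 requirements; either capitalize them or reword them (for example "needs to be decided") so the normative status is unambiguous. Finally, the expansion of CPS as "Certificate Practice Statement" should read "Certification Practice Statement", the term defined in RFC 3647.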

0 comments on commit b435594
