Merge pull request #148 from lamps-wg/mwiseman-address-msj

Mwiseman address msj

draft-ietf-lamps-csr-attestation.md

@@ -931,6 +931,9 @@ tcg-attest OBJECT IDENTIFIER ::= { tcg 20 }
 
 tcg-attest-tpm-certify OBJECT IDENTIFIER ::= { tcg-attest 1 }
 ~~~
+The tcg-kp-AIKCertificate OID in extendedKeyUsage identifies an AK Certificate in RFC 5280 format defined by TCG. This
+certificate would be a certificate in the EvidenceBundle defined in {{sec-evidenceAttr}}. (Note: The abbreviation AIK was used in
+TPM 1.2 specification. TPM 2.0 specifications use the abbreviation AK. The abbreviations are interchangeable.)
 
 ### TPM2 AttestationStatement {#appdx-tcg-attest-tpm-certify}
 
@@ -948,8 +951,6 @@ Tcg-csr-tpm-certify ::= SEQUENCE {
 }
 ~~~
 
-The tcg-kp-AIKCertificate field contains the AIK Certificate in RFC 5280 format.
-
 ### Introduction to TPM2 concepts
 
 The definitions in the following sections are defined by the TPM2 and various TCG defined

sampledata/tcgAttestTpmCertify.pem

@@ -1,70 +1,75 @@
 -----BEGIN CERTIFICATE REQUEST-----
-MIIMmjCCC4QCAQAwcjELMAkGA1UEBhMCQVUxDDAKBgNVBAgMA1FMRDERMA8GA1UE
+MIINnjCCDIgCAQAwcjELMAkGA1UEBhMCQVUxDDAKBgNVBAgMA1FMRDERMA8GA1UE
 BwwIQnJpc2JhbmUxGzAZBgNVBAoMEmlldGYtMTE5LWhhY2thdGhvbjEWMBQGA1UE
 CwwNaWV0Zi1jc3ItdGVzdDENMAsGA1UEAwwEa2V5MTCCASIwDQYJKoZIhvcNAQEB
-BQADggEPADCCAQoCggEBAM3AeVGnRgRMijvkuKreB+B6vWEi7QXRANIhvvkcHH3h
-Jg0y//13XTQjUC0/pj5Hi66ILSxMru5j2aNZ7n5THEK2dMqrjjLokcfojdAoErK6
-BmGHSCB8US41tb7qurneJzRCO0VGExpAKI1Ps05j0HHtYvwqHTlikWCpIOiDkNQt
-gz7sgr3z3aE2OKqsXfYehnBIJbqdClOMz7C23V/XcjEi/WF0vGTboHYmLHNwkTr5
-VrFhDqKFxQUx4+neqSJGeo30USno6Lr8hFAufxQzzoiFx571C4Wad+J1chCKORb/
-5Kbu4O7wu9doOsFK+I2anUHFEJS5wowVfcWuyjcIZ/0CAwEAAaCCCeMwggnfBgsq
-hkiG9w0BCRACOzGCCc4wggnKMIIJxjCCAtwwggLYBgVngQUUATCCArQEgZH/VENH
-gBcAIgALgSWffuitIOAJ6HaGbtjgb5HYkvYKKPpxeBsZOS8nnxgABAD/VaoAAAAA
-Nc8rIAAAAAcAAAAAASAZECMAFjY2ACIACwIYIzzfD3YNj+9DpDfm6cw/eyH2BuNJ
-me/FQlkl1WnlACIAC66AuFfCBmj8QrwfqOSqNt/dUwtgVMSh+iaYiSJslGTiBIIB
-ADLHaelFw/JTKhJbwi0tz5zkzJVyfo1nHER2s1YWZj/7GNcNZ5uvtcYgK65XIyMw
-LjIA0AncNhOVAJhJm0uRkbjUmvtW5kGpDtepFqQj394N4XiXulGIXimwVKkc9lqS
-kkRcfmzqomSaMmafVwXBAQ1NGrHV/PaX7IUlW5Hqo3Ja++sYro8y/hEQL3ILXdEG
-lQEj/wB9NhiuVqW/SpT0iIs+E1MD2uJRICxCw21F352BGiAda0pmvr7nknJhv5kM
-gWKInhonhLfLXlWVmvI+pf/z4QHXSWNZoibiihRcP7Eruq1X+VMx2T+Au2Q2O8zz
-9omo9Ktyq/cZDUGsLcs5E0UEggEYARYAAQALAAYAcgAAABAAEAgAAAAAAAEAzcB5
-UadGBEyKO+S4qt4H4Hq9YSLtBdEA0iG++RwcfeEmDTL//XddNCNQLT+mPkeLrogt
-LEyu7mPZo1nuflMcQrZ0yquOMuiRx+iN0CgSsroGYYdIIHxRLjW1vuq6ud4nNEI7
-RUYTGkAojU+zTmPQce1i/CodOWKRYKkg6IOQ1C2DPuyCvfPdoTY4qqxd9h6GcEgl
-up0KU4zPsLbdX9dyMSL9YXS8ZNugdiYsc3CROvlWsWEOooXFBTHj6d6pIkZ6jfRR
-KejouvyEUC5/FDPOiIXHnvULhZp34nVyEIo5Fv/kpu7g7vC712g6wUr4jZqdQcUQ
-lLnCjBV9xa7KNwhn/QwXdHBtdmVyaWZpZXIuZXhhbXBsZS5jb20wggbiMIIDazCC
-AlMCFD+SFCWsL2qqj29Qjboa1MYhl3spMA0GCSqGSIb3DQEBCwUAMHQxCzAJBgNV
-BAYTAkFVMQwwCgYDVQQIDANRTEQxETAPBgNVBAcMCEJyaXNiYW5lMRswGQYDVQQK
-DBJpZXRmLTExOS1oYWNrYXRob24xFjAUBgNVBAsMDWlldGYtY3NyLXRlc3QxDzAN
-BgNVBAMMBnJvb3RDQTAeFw0yNDA1MDUwMDMyMjhaFw0yNDA2MDQwMDMyMjhaMHAx
-CzAJBgNVBAYTAkFVMQwwCgYDVQQIDANRTEQxETAPBgNVBAcMCEJyaXNiYW5lMRsw
-GQYDVQQKDBJpZXRmLTExOS1oYWNrYXRob24xFjAUBgNVBAsMDWlldGYtY3NyLXRl
-c3QxCzAJBgNVBAMMAmFrMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
-rJwY3dhpjd5Mm4r8Gcjx6qympTD8J+ldfUVglCFXxVpmZmX7Bec6fPcARLBR4jte
-/Y/UGszreRv8WQ2O6J85XMPiJvYeWQExVL3NU5izX7+DVqX0is3HARUfkyXgF8zL
-2BkSgQcuYqAR2riG6YH+waE44qCVAi/k9nni25CtsHzyD6twWvvE3BdhzBt8j1eA
-1qWgOvVebVmMuN53caNkeAMb6a+OIirsU/eCbP0mycDfwabHg1DNCVio3pgQWJeW
-uNsYWcCNDZ0yYOKKGzN4tmu1se3NyZRPPU1H6SGlgqLPlJce1KDnLc9E1hBX8gCJ
-Aw7kzR66MXSNW9j9rHnYOQIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQCSNgvEgZju
-zRqBiwVfe7Jy3ZfNwacVinS38SlKdaZsfeh+qpR6YCyeumS2Is8Ei70OzSr8QuN5
-NYQamDSnbjsJoCoWLk3O4S/JAXHXdKesBNGY8/wG3nxMSjzoaQ6UXOrsXWtgPKUg
-0/3bWN8JYrQPp2Ieggi/pE0DRE0vvO2LfA3L19la7mVYv0SWk/vEj5rVrqOWAHYu
-4TUC+9lm3k6QmGgf6MTC3tPgE3/Xi/tIKOlf0McdNfVNRA4tlhKb+jZaUC5AeNfp
-d74RTjICwRjQct3yS+GdtShiXUdyu04kgkruQTf2RBZ+QxFaYS0cVqfiYRRE5CZO
-oMnqMV0Ezwu/MIIDbzCCAlcCFAUfP4YmjszQY/Vtn/04g5htsJN7MA0GCSqGSIb3
-DQEBCwUAMHQxCzAJBgNVBAYTAkFVMQwwCgYDVQQIDANRTEQxETAPBgNVBAcMCEJy
-aXNiYW5lMRswGQYDVQQKDBJpZXRmLTExOS1oYWNrYXRob24xFjAUBgNVBAsMDWll
-dGYtY3NyLXRlc3QxDzANBgNVBAMMBnJvb3RDQTAeFw0yNDA1MDUwMDMyMjBaFw0z
-NDA1MDMwMDMyMjBaMHQxCzAJBgNVBAYTAkFVMQwwCgYDVQQIDANRTEQxETAPBgNV
-BAcMCEJyaXNiYW5lMRswGQYDVQQKDBJpZXRmLTExOS1oYWNrYXRob24xFjAUBgNV
-BAsMDWlldGYtY3NyLXRlc3QxDzANBgNVBAMMBnJvb3RDQTCCASIwDQYJKoZIhvcN
-AQEBBQADggEPADCCAQoCggEBAJ7JEtP/VDfRndsRmNqCs3iD/oLVSX2LSrkV2cb4
-Cj9P5qwarxdBMuQocKyY/WZ3kL3iLXJfo3jzLQ90cMkoJ88swcY94I4d/SLE9E7s
-X8+CTeyVfuvZ40dbrbxifNDRZWpdBCEt0J/kYtwEJMNqwGrPsYsZoQh3Ge9IMiPo
-GiQSFHFiosl59xCf4Fp7HLAzASQTzRgAJg7T24djiV9G8lnR+pDKRKaMiwbhaUyv
-rYV+9Ogs5QLmQRD3kutPNs/57imqb2JMypF2JdDZ8fOj1D8AIQJDxOQSpzqJq5Oo
-d0OMPEsH9ZiliMOjzCKU2P5cnEeVoWzraiY7Is6z2/8/LQkCAwEAATANBgkqhkiG
-9w0BAQsFAAOCAQEAjv0pbXilgnaD9xJLwn60uO/RQY4Npxclf5FiWIqeHQ12ssKE
-sAqodmRzo8xz3/y+Zk5BYMfXDtB4SG/XIZ/Xuo1Jc7GYrUJg5oXYRxsejjdb0z6K
-WzIe5l5hFkbSJnLfWNx/DcGyeOXDRfRTwOAuC4i2IMQBHOMCVq3btQXuKW8foEDF
-u85w7fT0YbiXdgRyU6LROxy8odMDqgDqTh9PS2adqlF2N/A3NNV2bK5ae0zldniN
-e8zqFpIKrNjGv81svpUCh+YgQK/LBU0W0Mi70nrp8uFWN88vv/Pl+CVX5zJIEHM6
-Mzil8NgCaWeRXg0d9RHn8z0JwuEZXThJtpv7JTALBgkqhkiG9w0BAQsDggEBAF9Q
-3g8tC87eaabivJ8kU10vA6EhAA3aSC7iqOqQxgrc80g5jn+y8mZUE8WhEeS+SN2W
-ewSEr3L+LQdftCtWETKreJXVfqqwDh5UkmB5R7tds+HLrNUy9cVT4K/PvhS/yhMa
-qLtl2DuXHfDtdRgn4O4vOAJqyHm3CKm2tIlr22vG3tRH1kRjnZLUvtsIN2uzLbC3
-vQXFf0dKOw3U2bhVywyj6RF9bXObFTzUPArfHm+bSTtKmUJxBnApn8uBw4eLapAc
-Aor2874rll5Ey3pSng9lCgKE2nn8Xuw3ZGys894nOJc15Uwr/QP2aKHnv/MzdXwU
-mBFIOcV149HcobQM974=
------END CERTIFICATE REQUEST-----
+BQADggEPADCCAQoCggEBALHs46qywIKk3JpICeppzL7laofTNESwwzov2RNKHp3J
+CmpnpvK9pn1RycQGxEnCK+hyFUjgezMo656zjPsMlNs2Cb2KLj7W2oP75x8cb/k8
+aLbok+4qnnUd+6wvZKOvNuprj/AWeXuebsq6U5R0wFN0yHU1dEzzMpK3DhpDoq61
+fRWDy2KSxlt3Vs9YtKYr54+u9DSLEYMmwx/gOEThXy1hQ3hMaJsgBZlCI2vI8NG2
+rEGZdyuHyQJhjKVKwsY6MgUoslKpKhkEZIolPKbSDeRHtvrJOtjwSFo3zfuFm03Q
+/m3xEPn//i0icKwPNm5hVsyS02ZU7FCQuytgJpVW2s8CAwEAAaCCCucwDwYJKoZI
+hvcNAQkOMQIwADCCCtIGCyqGSIb3DQEJEAI7MYIKwTCCCr0wggq5MIIC2jCCAtYG
+BWeBBRQBMIICsgSBkf9UQ0eAFwAiAAt4r6q4eL+MRkZVMf4zVfg3vCBxjkAv7lB8
+ZnNxaHQNbgAEAP9VqgAAAAAAACLaAAAAAAAAAAABIBUBEwAVSCIAIgALGGteNQ9z
+gSzgw5UUDHgJOG0UpLZVbstlorgYM1dGRI4AIgALqYkehoHN34Yg7HNO/HOG7/UN
+bNOVPKp1fg4MTz0DbKAEggEAOFmcmbvoqJL3CRKvCdyEGuIL44kJKPrfLevba85c
+OTf5m2G+4W57HR8w5gYHozrTVhbx6oUla9rAb3fxC6ViqwMdPqdkFeNtzIc/TB2U
+hh0yW5gp6GRK5No+JDJ6OKVoqvy2mBZLnUbvTOoGyeYZnuVqK62wL2cKDv0ARRjs
+QwRBWClo7n3UYs8/0ycXFnYtBzPpSjRMMW79bzG3JsFQLtj/pFzTpBu9fzu88Ylo
+wm6HmvwdMyTw3Hq4ou2+hcjl1/NVu5EThfiwTsllDpRuGgzp42L1nJHNlLW9KGYQ
+eyGesvtoX9JTTYG0r72rXA9VMw7OSsmHhRWXL0TJmdUccwSCARYAAQALAAYAcgAA
+ABAAEAgAAAAAAAEAsezjqrLAgqTcmkgJ6mnMvuVqh9M0RLDDOi/ZE0oenckKamem
+8r2mfVHJxAbEScIr6HIVSOB7MyjrnrOM+wyU2zYJvYouPtbag/vnHxxv+TxotuiT
+7iqedR37rC9ko6826muP8BZ5e55uyrpTlHTAU3TIdTV0TPMykrcOGkOirrV9FYPL
+YpLGW3dWz1i0pivnj670NIsRgybDH+A4ROFfLWFDeExomyAFmUIja8jw0basQZl3
+K4fJAmGMpUrCxjoyBSiyUqkqGQRkiiU8ptIN5Ee2+sk62PBIWjfN+4WbTdD+bfEQ
++f/+LSJwrA82bmFWzJLTZlTsUJC7K2AmlVbazwwXdHBtdmVyaWZpZXIuZXhhbXBs
+ZS5jb20wggfXMIIEYDCCA0igAwIBAgIUJ65JvgeACRrqSqGBIEY5mH7SiHUwDQYJ
+KoZIhvcNAQELBQAwdDELMAkGA1UEBhMCQVUxDDAKBgNVBAgMA1FMRDERMA8GA1UE
+BwwIQnJpc2JhbmUxGzAZBgNVBAoMEmlldGYtMTE5LWhhY2thdGhvbjEWMBQGA1UE
+CwwNaWV0Zi1jc3ItdGVzdDEPMA0GA1UEAwwGcm9vdENBMB4XDTI0MDcwNzAxMDMx
+OVoXDTI0MDgwNjAxMDMxOVowcDELMAkGA1UEBhMCQVUxDDAKBgNVBAgMA1FMRDER
+MA8GA1UEBwwIQnJpc2JhbmUxGzAZBgNVBAoMEmlldGYtMTE5LWhhY2thdGhvbjEW
+MBQGA1UECwwNaWV0Zi1jc3ItdGVzdDELMAkGA1UEAwwCYWswggEiMA0GCSqGSIb3
+DQEBAQUAA4IBDwAwggEKAoIBAQCSMnAsx2LBunwXqcOL0zHHWKctsL2EovzKAZev
+9452fqmDpJqcud3m3JLTHBsgBElIniaCuwUutixde1aPRrBHRyqmkrX2j/+SDEX3
+iG5nu5Qy6Rp7fZ1DEUPjZhYV2/9TJx/zyEg5BWGj18RhI0zd5Ol60GG6PuS3i2Ob
+mVk5vP5fbUgLSAfbkDbERaHeCMW3UK4jU7C3rlT4uvbUREBWQCms6z5CllRGEfA1
+VboppYeYIitwC0kRM3mZeMDlNDwCd07wQGoDXFpvDJREKBgkdMucYfdIc5dZIp7H
+4bdtZrhyIO9wNq2F5YLyCTYbuWGCvnReJa7FKHcUvr4/4BVpAgMBAAGjge0wgeow
+gZsGA1UdIwSBkzCBkKF4pHYwdDELMAkGA1UEBhMCQVUxDDAKBgNVBAgMA1FMRDER
+MA8GA1UEBwwIQnJpc2JhbmUxGzAZBgNVBAoMEmlldGYtMTE5LWhhY2thdGhvbjEW
+MBQGA1UECwwNaWV0Zi1jc3ItdGVzdDEPMA0GA1UEAwwGcm9vdENBghRQ7rf2DEoY
+njMJYOpzRC+T1bCtgjAMBgNVHRMBAf8EAjAAMAsGA1UdDwQEAwIHgDAQBgNVHSUE
+CTAHBgVngQUIAzAdBgNVHQ4EFgQUESCd2wrVJVr9vLFDz5gqgrzq2zYwDQYJKoZI
+hvcNAQELBQADggEBAAG1vzkQMMCbpHKy0ZNu59VOzUO86sP1x/8MuyTSKxNf3r8E
+dSYHvsrhMlC/mvi3LpyHaQEg67sSC/jYP6xwrqq0uEOJoGr3iiDDtooakM+ozCag
+PbkQw3kjYvPujzUX2iHej7LHPb8QGVSE4ZhKKthfQCt+8t9+ZRC5U6wqDLAcOFST
+VwOgnrjFqeCFtjGKWezRovRIGmKmEesoiGA3VZPjf8B+gu9ddLfpNwf/f8GE18Rw
+eAG37yZhrNB+7sDHofPkRXf40z13EykgobEE5mU/iXJekW0kop6ldSmakIXZ8QZr
+KZbDzJhJBgfRmOPIDKebRN1+OcsqUCUaDfGFBowwggNvMIICVwIUUO639gxKGJ4z
+CWDqc0Qvk9WwrYIwDQYJKoZIhvcNAQELBQAwdDELMAkGA1UEBhMCQVUxDDAKBgNV
+BAgMA1FMRDERMA8GA1UEBwwIQnJpc2JhbmUxGzAZBgNVBAoMEmlldGYtMTE5LWhh
+Y2thdGhvbjEWMBQGA1UECwwNaWV0Zi1jc3ItdGVzdDEPMA0GA1UEAwwGcm9vdENB
+MB4XDTI0MDcwNzAxMDMxNloXDTI0MDgwNjAxMDMxNlowdDELMAkGA1UEBhMCQVUx
+DDAKBgNVBAgMA1FMRDERMA8GA1UEBwwIQnJpc2JhbmUxGzAZBgNVBAoMEmlldGYt
+MTE5LWhhY2thdGhvbjEWMBQGA1UECwwNaWV0Zi1jc3ItdGVzdDEPMA0GA1UEAwwG
+cm9vdENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs2+3Q20cUvVf
+BrZosxB9htUE6hGa44l2dOaXBqLroXu4/i/3jNt7W1TWenrtOSVhxyrefyzqWlGn
+pBKZ/MtA8iP2vBzUEHpMDP5mcpZgh6kmiNypbg1BTujshUtDZwDdsisfxozQp3z1
+0KYTL3m0VUZZSHkbHzY8LJgfPRh93euGVkdwKlwrZuiH19Z3rAOTOET0IjG0ybkb
+oM/VMBf6R8wOpMJrdsdy3vmO1aQSB/NPjDG5zmjFeg2IpUeIXYnNbIpR4wYMmT4w
+SIExS392DZdZcjPhCBmo4Bg+TuNJoduNF3vI76AF9MS6Raim8gUU5xRO+C1eOedT
+z4QcfNc+NwIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQBW69bpm7cy/qVyZtEwHVzt
+UcQk6KixM/gmMJMMfaix5n4E0iVtKnEFnAixWSmD+nOws+uieg6kMm10pCVqU6bi
+VlRQNEyJxVm+Hz2XSycI68W/8nJRg76rtOwSaLIjgCLDNz2ZfEfy9/xLWKtfdRGt
+ttFtVi/W18cy0EBhxDiQWMKx+WPXqnkC2P1L+lYf6It4ycam6C2XTwcguxpxlivm
+AcDZeU0Cbc2Ro5Mb6FtqhjDUWBZ6P5j0IN7OYqIF5rYVfvovHrDcoK4xLKD/FS2P
+IL6geH1tc6allU/BzbthJ3JKYAWpuF2Icoocj5OeL0kDl+rY/aBk6T2s8qwAW8Vb
+MAsGCSqGSIb3DQEBCwOCAQEAcLTWODv93R8sjE3Ngjyuiy9HfucYNoxrQLzwuKtI
+FPRqBdyPXYgFh/kNBKSZmye/sPSZN0CJNcO9V2Apz8kjpAlnmff1sEF7Zxxxh3ON
+sA/F2qwzMfDuKOH2+u12odbznVZHie+QxZhA+rvCWfrrbfOGN7uy05/B4tijshhH
+wVS4NF274Uraw2og8tG6YTAPaGGxyVckf3gn3yLPnfi/3LhZGTvMcFoM84icmo2V
+aWDwGZY94LhTse1jLUeiBimQ/I+8qA1zQSXKDRYodY6DRmd04nP7QGdrCmk7am/w
+w4jj5p8WFydZ4tFAQfwAKY54BUmLvBN/0Fk3B+wjzJuoLQ==
+-----END CERTIFICATE REQUEST-----