12. Security Considerations
This document provides an architecture for doing remote attestation. No specific wire protocol is documented here. Without a specific proposal to compare against, it is impossible to know if the security threats listed below have been mitigated well.
The security considerations below should be read as being, essentially, requirements against realizations of the RATS architecture. Some threats apply to protocols and some are against implementations (code) and physical infrastructure (such as factories).
The fundamental purpose of the RATS architecture is to allow a Relying Party to establish a basis for trusting the Attester.
12.1. Attester and Attestation Key Protection
See 12.1. Attester and Attestation Key Protection
12.2. Conceptual Message Protection
See 12.2. Conceptual Message Protection
12.3. Attestation Based on Epoch ID
See 12.3. Attestation Based on Epoch ID