- From: Martin Thomson <notifications@github.com>
- Date: Mon, 19 May 2025 19:00:25 -0700
- To: w3ctag/design-reviews <design-reviews@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Tuesday, 20 May 2025 02:00:29 UTC
@martinthomson commented on this pull request. > +We have an alternative below that doesn't require an interactive exchange. +However, given that TPMs generally don't have a clock, +you can't use the clock to ensure freshness. +A non-interactive exchange might have been pre-generated by an attacker +who temporarily had access to the TPM, unless it contains fresh entropy from the server. +That's something we address in more detail in the alternative design below, +noting that the alternative offers servers more options to combine requests to reduce latency, +where the proposal cannot. This is an important point in the requirement space to acknowledge. That is, part of the point of the feature (perhaps the entire point) is to enable this sort of liveness test. As the explainer isn't very clear about this aspect of the design, I thought it worth repeating. -- Reply to this email directly or view it on GitHub: https://github.com/w3ctag/design-reviews/pull/1094#discussion_r2096713573 You are receiving this because you are subscribed to this thread. Message ID: <w3ctag/design-reviews/pull/1094/review/2852326371@github.com>
Received on Tuesday, 20 May 2025 02:00:29 UTC