Comment by no_time
10 days ago
That "someone" doesn't understand how hardware backed platform attestation works.
The wikipedia page does a pretty good job at explaining it: https://en.wikipedia.org/wiki/Trusted_Computing
10 days ago
That "someone" doesn't understand how hardware backed platform attestation works.
The wikipedia page does a pretty good job at explaining it: https://en.wikipedia.org/wiki/Trusted_Computing
Yes, they do. There's nothing in the spec this app implements that actually requires that step. The app just chooses to do it in this case.
Or rather is planning to. Right now it doesn't even have that integrity check, despite fully implementing the verification flow.