Below are few doubts that we have encountered,
Vendor-facilitated
enterprise attestation,
- Will the attestation be static or calculated over some
attestation data?
- If static, how will this be injected into the
authenticator? Do you suggest using Vendor Prototype commands?
- If we need to support Vendor Prototype command as
mentioned above, then what level of security do you expect?
Platform-managed
enterprise attestation:
- We were not able to completely understand from the
specification how the platform will do enterprise attestation, can you provide
some clarity.
- Do we have to support Vendor Prototype command for the
platform to inject the keys for generating signature?
- If we need to support Vendor Prototype command as
mentioned above, then what level of security do you expect?
- On what data the platform will do signature
calculation?
When
we support enterprise attestation do we also have to send authenticator
attestation signature?
Where
can we find information on how to compute enterprise attestation signatute?
Like input data to be used, keys to be used.