two comments on v2.3 of the spec

[Thomas Fossati]

Hi, all,

I've finished reading Open Profile for DICE v2.3 — a very clear and informative document, thank you! — and I have a couple of quick comments:

1. Regarding the ability to mix CWT and X.509 in the same logical chain.  On one hand I am very glad to see a concrete attempt at modelling CWT certs, and one surely needs to start somewhere.  However, it seems to me that moving two things at the same time — i.e., introducing CWT certs while also allowing mixing them with x.509 — risks becoming a source of fragility and could end up hindering rather than promoting an otherwise excellent idea. I think that if you don’t want to be prescriptive — which is completely understandable — at least giving some advice on how to best mix and match, for example splitting the chain clearly [ X509.0, X509.1, …, X509.i, CWT.1, CWT.2, …, CWT.j ] so that the number of joints is minimised, would be good.
2. What does the verifier need to know to appraise DICE Evidence - i.e., what goes in an Open DICE Endorsement and Reference Value from manufacturer to verifier?  I think one way to make this already excellent document even more useful would be adding clarity on these aspects. (And we would be more than happy to work with you on this.)

Cheers, thanks!