Hi Mimi, I am trying to understand why violations (tomtou, open writers) cause the aggregated PCR value to be invalidated. Invalidating the PCR makes clear the file measurement errors, but once violations are common (when using the (TCB) default policy) it seems difficult to perform a full attestation process if violations are not handled. Is it safe to just report the violations and still perform a full attestation of the log by replacing zeroed digest with ff..ff? I believe we can safely detect a violation entry in the log by checking the hash values are zeroes. Please confirm. Thank you. -- Guilherme
