[Cc'ing Ken, Dave, & Monty]

On Mon, 2019-09-09 at 11:57 +0530, Sumit Garg wrote:
> On Sun, 8 Sep 2019 at 19:50, Mimi Zohar <zohar@xxxxxxxxxxxxx> wrote:
> > Are all "trust" methods equivalent? As new "trust" methods are
> > defined, there should be a document describing the trust method, with
> > a comparison to the TPM.
>
> For Trusted Execution Environment (TEE) as a new "trust" method, I
> have tried to document it here [1]. Please share your thoughts on this
> patch [1] in case I missed something. I would be happy to incorporate
> your feedback. Also, can you elaborate on "comparison to the TPM",
> what specific parameters are you looking for documentation?

For example, the security properties/guarantees of a hardware TPM are
different than a software TPM. Could we capture that difference in
chart form? As new "trust" methods are added, include that
information in the chart and extend the chart with other information,
as needed.

Mimi

>
> [1] https://patchwork.kernel.org/patch/11065679/
>
> -Sumit