New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
security review issue 5: tampering during drop ship process #78
Comments
Well, section 6.2 "pledge security reductions" recommends a hardware supported NEA method if non-brski methods are allows. This is effectively the case that leads to "tampering during drop ship". It is RECOMMENDED that "trust on first use" or skipping voucher |
Scope addition. |
Add a few words:
|
modified as per 93041f4 Didn't put in section 1.1. sentence. maybe should have. Did add a paragraph at the start of security considerations to backpoint to the reduced modes and attempt to each into what is effectively a bulleted list (the next paragraphs) and then the subsections. |
Tailored Access Operation group. I think that BRSKI does nothing against
that attack, but maybe we should just say so.
6
The text was updated successfully, but these errors were encountered: