The protocol between TEEP Agents and TAMs similarly is responsible
for securely providing integrity and confidentiality protection
against adversaries between them. Since the transport protocol under
the TEEP protocol might be implemented outside a TEE, as discussed in
Section 6, it cannot be relied upon for sufficient protection. The
TEEP protocol provides integrity protection, but confidentiality must
be provided by payload encryption, i.e., using encrypted TA binaries
and encrypted attestation information. See [I-D.ietf-teep-protocol]
for more discussion.
Re-work the text to clarify that this is a design choice whether to terminate TLS inside the TEE or outside. Different solutions have taken a different approach here and the architecture should be agnostic to it.
The text was updated successfully, but these errors were encountered:
The issue is that I see others coming with different solutions that fit the same architectural description and problem statement.
Reading through the draft I noticed that there are a few places where we go the step from the architecture to the solution details. This is not really necessary and hence I wanted to make it a bit more generic