Conveyance of EAT through SPDM `MEASUREMENTS` for 1.2/1.3/1.4

[steven-bellock]

The original plan to convey an EAT via SPDM was via the currently reserved measurement indices 0xf0-0xf3, and this would be retrofitted into errata versions of SPDM 1.2/1.3/1.4. However it looks like that will not be possible.

Measurement index 0xfd is reserved for a "measurement manifest" and SPDM does not specify what a measurement manifest is. It was originally created for the TCG and its DICE Concise Evidence Binding for SPDM specification. Since the OCP EAT is effectively a CWT wrapper around concise evidence, in the absence of special EAT indices like was originally planned, it makes sense to use this measurement index as well.

SPDM 1.3 added a Structured Manifest type that utilizes the common SPDM SVH to identify the standards body and vendor that defined the manifest, and the draft DICE Concise Evidence Binding for SPDM version 1.1 specification makes use of this.

This proposal for OCP Attestation is then to follow TCG's take on this, and have the EAT conveyed as a freeform manifest for SPDM 1.2, and as a structured manifest for SPDM 1.3+. If a Verifier supports both TCG Concise Evidence and OCP EAT over SPDM 1.2, then it would need to look at the first few bytes to determine the evidence format.

Note that this constrains the size of the EAT to 64 KiB.

[steven-bellock]

Discussed MeasurementSummaryHash and determined that it should only be the hash over the Measurement EAT claim and should ideally not include any random data from the Requester or Responder.