Hi Jeremy, > There is a draft RFC which proposes to add the capability to convey private > key attestation to an enrollment server: > > https://www.ietf.org/archive/id/draft-ietf-lamps-key-attestation-ext-00.html > > This covers all protocols and all attestation sources. I have been working > with Android KeyStore and KeyChain lately and this certainly seems possible > on the client end. > > I haven't looked at the other draft(s) mentioned in the above RFC, or for any > approved standards, but I hope this is enough to start a conversation.
This is certainly an interesting development (and an official RFC covering this would have been really useful in one of my projects a decade ago...) As of today, this is still an IETF draft, not an RFC. Let's see how this develops, I would assume that we will see several years before it makes it to an offical RFC (if at all). Cheers Martin _______________________________________________ OpenXPKI-users mailing list OpenXPKI-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openxpki-users