Merge pull request #1926 from sbweeden/sbweeden_1925

Clarify TPM attestation verification instructions
w3c · Sep 24, 2024 · 199dcda · 199dcda
2 parents 7cd6269 + c92aec3
commit 199dcda
Showing 1 changed file with 2 additions and 2 deletions.
diff --git a/index.bs b/index.bs
@@ -6546,8 +6546,8 @@ engine.
     - Verify that `extraData` is set to the hash of |attToBeSigned| using the hash algorithm employed in "alg".
     - Verify that `attested` contains a `TPMS_CERTIFY_INFO` structure as specified in [[!TPMv2-Part2]] section 10.12.3,
         whose `name` field contains a valid Name for |pubArea|,
-        as computed using the algorithm in the `nameAlg` field of |pubArea| using the procedure specified in [[!TPMv2-Part1]]
-        section 16.
+        as computed using the procedure specified in [[!TPMv2-Part1]]
+        section 16. Note that the hash algorithm is included within the attested `name` field of the TPMS_CERTIFY_INFO structure.
     - Verify that |x5c| is present.
     - Note that the remaining fields in the "Standard Attestation Structure" [[!TPMv2-Part1]]
         section 31.2, i.e., `qualifiedSigner`, `clockInfo` and `firmwareVersion` are ignored.