Post by josephreynolds1 on Jun 22, 2022 21:21:01 GMT
What is the right way to represent a BMC-attached Trusted Module (TPM) and the measurements it records? This TPM would record measurements for the BMC as differentiated from the host TPM.
Specifically, per a recent OpenBMC Security Working Group meeting, the intention is for a Redfish client to read measurements from a BMC-attached TPM.
Could the TrustedModules property in the ComputerSystem schema be adapted for use in the Manager schema? [Edit:append]: This schema seems like a good place to start, but it lacks a representation of the "measurements" stored in the TPM. Can we enhance this interface to represent the measurements, and allow Redfish clients to GET them?