摘要 |
To establish trust between first and second entities, the first entity sends an attestation message to the second entity, including a code ID, relevant data, a digital signature based on the code ID and data, and a certificate chain. The second entity verifies the signature and decides whether to in fact enter into a trust-based relationship with the first entity based on the code ID and the data in the attestation message. Upon so deciding, the second entity sends a trust message to the first entity, including a secret to be shared between the first and second entities. The first entity obtains the shared secret in the trust message and employs the shared secret to exchange information with the second entity.
|