From 5c0f7234b6ef9d56b05eb57f34844668505e5be6 Mon Sep 17 00:00:00 2001 From: Max Bires Date: Tue, 18 Jul 2023 20:26:33 -0700 Subject: [PATCH] Slight documentation tweak Specify that DICE-based RKP implementations may also allow a ROM extension to manage the UDS public key. Test: The words are semantically parseable Change-Id: I8f9c6efb01fc76318220cf1bc4a0eb3a3ad42f87 --- security/rkp/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/security/rkp/README.md b/security/rkp/README.md index f8e1d5eeec..8cd15826f9 100644 --- a/security/rkp/README.md +++ b/security/rkp/README.md @@ -52,7 +52,7 @@ binding between the device and the backend. To briefly describe them: * Degenerate DICE (Phase 1): A TEE root of trust key pair is used to sign certificate requests; a single self-signed certificate signifies this phase. * DICE (Phase 2): A hardware root of trust key pair is only accessible to ROM - code; the boot process follows the [Android Profile for + or ROM extension code; the boot process follows the [Android Profile for DICE](#android-profile-for-dice). * SoC vendor certified DICE (Phase 3): This is identical to Phase 2, except the SoC vendor also does the UDS\_pub extraction or certification in their