Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Question about required sequences. #138

Open
stoprocent opened this issue Aug 30, 2024 · 1 comment
Open

Question about required sequences. #138

stoprocent opened this issue Aug 30, 2024 · 1 comment

Comments

@stoprocent
Copy link

Hi

I work for ASSA ABLOY, and we've been utilizing SUIT since draft 4 in a straightforward manner. I'm now exploring ways to expand our implementation to support additional sub-specifications and make broader use of sequences and directives. I have a few questions, but I'll start with one that's been puzzling me the most.

I'm interested in adding support for dependency manifests, the multi-trust domains specification, and the firmware encryption specification. According to the main SUIT specification, the only required command sequence is suit-validate.

However, when I look at the example in the Firmware Encryption specification here, it only includes the suit-install command, which is optional, and does not mention the required suit-validate.

Am I missing something?
@bremoran
Copy link
Collaborator

Yes, there is a subtlety here:

  • When used in a secure boot scenario the suit-validate command sequence is required.
  • When used in a firmware update scenario, suit-fetch is required.

This could be expressed better in the manifest spec.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@stoprocent @bremoran