You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The Feature/add policy or for authorization pull request (PR #166) added the capability to TPM seal data that can be TPM unsealed if the policy digest matches one of two possible criteria (policy-OR). When unsealing, however, the user must currently specify the -p (policy OR) flag. As the existence of a policy OR criteria should be easily detectable when parsing/reading the input .ski file, however, the user should not have to specify this as a command line option. Instead, kmyth-unseal should just apply whatever authorization criteria is specified in the .ski file, including a policy OR criteria.
The text was updated successfully, but these errors were encountered:
The Feature/add policy or for authorization pull request (PR #166) added the capability to TPM seal data that can be TPM unsealed if the policy digest matches one of two possible criteria (policy-OR). When unsealing, however, the user must currently specify the -p (policy OR) flag. As the existence of a policy OR criteria should be easily detectable when parsing/reading the input .ski file, however, the user should not have to specify this as a command line option. Instead, kmyth-unseal should just apply whatever authorization criteria is specified in the .ski file, including a policy OR criteria.
The text was updated successfully, but these errors were encountered: