Which key should be used as the RA_TLS_EPID_API_KEY? #1361
-
|
Hi All, I subscribed to the SGX EPID attestation service from here, and once signed in, I can see the Regards, |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment 1 reply
-
|
Hi @jogi343! The So you can use either your Primary key or Secondary key as the [1] https://www.intel.com/content/dam/develop/public/us/en/documents/sgx-attestation-api-spec.pdf |
Beta Was this translation helpful? Give feedback.
-
|
Thank you @kailun-qin , secret provisioning is working. |
Beta Was this translation helpful? Give feedback.
Hi @jogi343!
The
RA_TLS_EPID_API_KEYrefers to the subscription key (in Section 2.1, SGX Attestation API Spec[1]), which is the "unique API key that Service Provider needs to use to authenticate itself to the service". Both the Primary and Secondary keys are subscription keys [2]. The design of two keys is basically for giving continuity to the service in case a key needs to be regenerated.So you can use either your Primary key or Secondary key as the
RA_TLS_EPID_API_KEY.[1] https://www.intel.com/content/dam/develop/public/us/en/documents/sgx-attestation-api-spec.pdf
[2] https://www.intel.com/content/www/us/en/support/articles/000090019/software/intel-security-products.html