1.8 KiB
RFC 002: Proof of Ownership
A cluster owner needs a way to prove a cluster belongs to them, while a third-party needs to be able to verify the owner's claims. For that, the owner generates a private/public key pair.
During constellation init, the cluster will generate its own private/public key pair, and send back a signing request for the public key.
The signed public key is measured into a PCR, so the binding of the private/public key to the cluster can be verified through remote attestation.
The cluster is now able to sign data using its own private key.
A third-party can verify a cluster belongs to a specific person in three steps:
-
Verify the signature of data provided by the third-party and signed by the cluster
-
Verify the cluster's public key was signed by the owner
-
Verify the public key is measured into a PCR by validating the cluster's attestation statement
Workflow
-
Cluster owner generates a private/public key pair
-
The Constellation cluster generates its own private/public key pair and requests the owner to sign the public key during
constellation init -
Constellation measures the signed public key into PCR[11] (previously used for ownerID)
-
A third-party requests an attestation from the verification service, providing some data to be signed
-
The verification service signs the data using its private key
-
The verification service returns: attestation document + data signature + signed public key
-
The third-party verifies the public key signature using the owner's public key
-
The third-party calculates the expected PCR[11] using the signed public key and validates the attestation document
-
The data signature is verified, and if successful proving ownership of the cluster
Encoding
The signed public key measured into PCR[11] is DER encoded. TODO: Add exact encoding specification