Re: Intel EPID For Device Onboarding


On Tue, Oct 31, 2017 at 2:16 PM, Gardner, Doug <Doug.Gardner@...> wrote:
Hello Drasko,

We have looked into EPID also. It is interesting if the customer is concerned about privacy (consumer). The issues with the system is you must get all your keys from Intel as they are the only EPID key provider today.
I actually understood that they pushed this as a open ISO standard, so
that everybody would be capable to implement both server side (key
production and storage) and device side SW.

They say in the paper:
"To help take Intel EPID adoption to the next level, Intel has
contributed Intel EPID technology to leading industry organizations
for certification. As a result, Intel EPID is now:
- An International Standards Organization standard for identity and
privacy (ISO/IEC 20008, 20009)
- A Trusted Computing Group (TCG) standard for attestation.
Intel has also made Intel EPID technology available to processor,
microcontroller, and device manufacturers as open source under the
Apache 2 license."

These are the standards they are mentioning: and

Best regards,
Mainflux Author and Technical Advisor | Industrial IoT Cloud
Engineering Division | Paris, France

Twitter: @draskodraskovic

Join to automatically receive all group messages.