Hi All,

I am studying tbbr module in ATF recenlty. I have a little confusion about the ROTPK hash verify flow.

In ATF current implementation, we will verify the signature first, then verify the ROTPK hash.
But in my understanding, we should verify ROTPK first then verify signature.

So, what is the consideration that we use current flow in ATF?

Thanks for you patience

Bin Wu