Hello Andrej
I think one way is implement RTC as a secure RTC, and configure it by secure entity like BMC.
Is there a reliability issue with this?
Best Regards,
Masato Fukumori
From: Andrej Butok <andrey.butok@nxp.com>
Sent: Thursday, December 10, 2020 10:33 PM
To: Fukumori, Masato/福森
将人 <fukumori.masato@fujitsu.com>
Cc: tf-a <tf-a@lists.trustedfirmware.org>
Subject: RE: Question about validity period of X509 certificate
Hello Masato Fukumori,
To check a "validity period" of a X 509 certificate,
you must be sure that your system date & time is set, correct and not changed.
Do you have a reliable way to achieve this?
Best regards,
Andrej Butok
From: TF-A <tf-a-bounces@lists.trustedfirmware.org>
On Behalf Of fukumori.masato--- via TF-A
Sent: Thursday, December 10, 2020 2:23 PM
To: 'tf-a@lists.trustedfirmware.org' <tf-a@lists.trustedfirmware.org>
Subject: [TF-A] Question about validity period of X509 certificate
Hello.
I have a question about checking the X 509 certificate with tf-a.
My understanding is that tf-a does not check the "validity period" of the X 509 certificate.
I 'm not sure why tf-a doesn't check. Does anyone know this background?
Best Regards,
Masato Fukumori