Signature
Signature of Measurements
Measurements of IMP and SEC-Readers are signed by the Reader itself. This signature can be verified by the customer itself using the public key of the individual Reader or simply by using the M-Trust™ services to verify the measurements certificate.
What is signed?
The signature is calculated over the measurement data, the payload from the prime
command and the Reader's id.
Depending on the Reader type, the measurement data can include different fields but the signature is always
calculated over the whole measurement object.