<div dir="ltr"><div dir="ltr">Hi Joseph,<div><br></div><div>Did you check the <a href="https://redfish.dmtf.org/schemas/ComponentIntegrity.v1_1_0.json">https://redfish.dmtf.org/schemas/ComponentIntegrity.v1_1_0.json</a>? </div><div><br></div><div>Regards</div><div>Ratan Gupta</div></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Fri, Jun 24, 2022 at 5:48 AM Joseph Reynolds <<a href="mailto:jrey@linux.ibm.com">jrey@linux.ibm.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">On 6/22/22 5:16 PM, Patrick Williams wrote:<br>
> On Wed, Jun 22, 2022 at 04:23:41PM -0500, Joseph Reynolds wrote:<br>
>> On 6/22/22 3:24 PM, Patrick Williams wrote:<br>
>>> On Wed, Jun 22, 2022 at 01:20:48PM -0500, Joseph Reynolds wrote:<br>
>>>> On 6/22/22 10:19 AM, Joseph Reynolds wrote:<br>
>>>> 3 Measured boot<br>
>>>> Enable network agents (like keylime server, possibly the host<br>
>>>> system) to get measurements from TPM. Note the measurements are<br>
>>>> digitally signed by the TPM to ensure their integrity.<br>
>>> Is there any work going on to define some kind of measurement schema in<br>
>>> Redfish? Last I knew this was absent.<br>
>> Thanks for the reminder. I started a thread for this:<br>
>> <a href="https://redfishforum.com/thread/685/support-bmc-attached-tpm" rel="noreferrer" target="_blank">https://redfishforum.com/thread/685/support-bmc-attached-tpm</a><br>
> Sounds good.<br>
><br>
> You mentioned there the "TrustedModules" type. It doesn't seem like<br>
> this exposes measurements currently? Am I misunderstanding? That seems<br>
> pretty important for our use case.<br>
<br>
Thanks. I've edited/appended the post to clarify that we need to <br>
enhance the TrustedModule schema so we can GET the TPM's measurements.<br>
<br>
-Joseph<br>
<br>
</blockquote></div>