Event JSON
{
"id": "fd393d63cbabe200c746d409d477a641e6db3c71aad2390232ea699af857ae47",
"pubkey": "b3ba3c5045fbaf99be9cb4daa9f1d7baeedaba0fc5b91596511e2fb7a70dd7f9",
"created_at": 1725920881,
"kind": 1,
"tags": [
[
"p",
"b3ba3c5045fbaf99be9cb4daa9f1d7baeedaba0fc5b91596511e2fb7a70dd7f9"
],
[
"p",
"93071e18c883dcb6842f8df8c356f2b2681e411ad846e28eccb82388d3ca9033"
],
[
"e",
"1919ebfbed0454835635863c773b3980a0e502340097d5481b1885b02770fff4",
"",
"root",
"93071e18c883dcb6842f8df8c356f2b2681e411ad846e28eccb82388d3ca9033"
],
[
"e",
"19623d39143bbb70fa1d0b4ebcb854b83b2a5960691d83a22e4bd386570f83a4",
"",
"reply",
"93071e18c883dcb6842f8df8c356f2b2681e411ad846e28eccb82388d3ca9033"
],
[
"proxy",
"https://grapheneos.social/@GrapheneOS/113109950914113206",
"web"
],
[
"p",
"fa4d344a9bbd95d4f92a6359d02d44382a3327277469c82b6d8b0c640d820c3e"
],
[
"proxy",
"https://grapheneos.social/users/GrapheneOS/statuses/113109950914113206",
"activitypub"
],
[
"L",
"pink.momostr"
],
[
"l",
"pink.momostr.activitypub:https://grapheneos.social/users/GrapheneOS/statuses/113109950914113206",
"pink.momostr"
],
[
"-"
]
],
"content": "Hardware attestation is a very useful security feature. It's root-based attestation which is being abused. Having hardware attestation doesn't imply having a single root for verifying that a specific company approved a device. It can be implemented with only pinning support which is the main functionality we use in Auditor ourselves. Roots are useful for the initial verification but the security is very low for root-based verification due to leaked keys.",
"sig": "ec21ca051fb9e9f7a633b0c344441745d4a38fc13872f683939cc1daab5dc174579e2b2ccd7cba06cd61f154016d799c3670211e370cf89a9f06d67596e9b58d"
}
