TPM Certificates
The switch tray comes pre-provisioned by Nvidia with the IAK (Initial Attestation Key). The IAK's private portion resides in the TPM and is used to sign remote attestation quotes.
The IAK certificate format complies with the TCG specification "TPM 2.0 Keys for Device Identity and Attestation".
Key terminology:
| Key | Description | Certified by | Remarks |
|---|---|---|---|
| L1 | Nvidia Identity Root CA | Itself (root) | A common root CA stored and managed by the ISS ORCA service. |
| L2 | TPM Identity ICA | L1 | Stored in ISS DLM within the NV HQ. |
| L3 | Provisioning facility ICA | L2 | Provisioning entity that directly certifies and provisions the device identity certificates. Multiple instances exist for each manufacturing facility. |
| L4-IAK | Initial Attestation Key | L3 | Derived from the Endorsement Hierarchy. Used to sign attestation quotes. |
| EK | Endorsement Key | TPM manufacturer | Derived from the Endorsement Hierarchy; a decrypt-only key. Used to prove TPM ownership. |
