I have a question to policies and how these are handled when using the NXP plug&trust MW.
Is there a more comprehensive description available to the following aspects:
- Authentication Object ID: its relation to sessions and how/whether a secure object can be (differently)
accessed when a different authentication object ID is applied. A few examples would be highly appreciated.
- How can I enforce that a particular key can be used for signing, but NOT for any other purpose?
- Can you allow a security object for reading/re-write a particular User ID while when SCP03 is applied,
only encryption/decryption allowed with same security object, e.g.
UserID #1: reading/re-write
SCP03: encrypt, decrypt
- Does SCP03 apply in parallel to a User ID session? What Authentication Object ID does apply?
Thank you very much, Markus