[doc] Add Open DICE refs to the Attestation spec
Update the Attestation specification with references to the Open Profile
for DICE specification.
Signed-off-by: Miguel Osorio <miguelosorio@google.com>
diff --git a/doc/security/specs/attestation/_index.md b/doc/security/specs/attestation/_index.md
index 43cd18a..b35fa19 100644
--- a/doc/security/specs/attestation/_index.md
+++ b/doc/security/specs/attestation/_index.md
@@ -505,7 +505,7 @@
Certificates stored in the device adhere to standard X.509 format, meeting the
profile specification requirements from
-[RFC 5280](https://tools.ietf.org/html/rfc5280), and the Google DICE profile
+[RFC 5280](https://tools.ietf.org/html/rfc5280), and the [Open DICE][open-dice] profile
specification.
### Public Key Identifiers
@@ -618,7 +618,7 @@
<tr>
<td>Extensions</td>
<td>
-Extensions for compatibility with Google DICE profile:
+Extensions for compatibility with [Open DICE][open-dice] profile:
* `subjectKeyIdentifier` (non-critical). Used to identify certificates that
contain a particular public key. Set to the creator public key identifier
@@ -782,7 +782,7 @@
<tr>
<td>Extensions</td>
<td>
-Extensions for compatibility with Google DICE profile:
+Extensions for compatibility with [Open DICE][open-dice] profile:
* `authorityKeyIdentifier` (non-critical). Used to identify certificates that
contain a particular public key.
@@ -863,7 +863,6 @@
attestation flows without precluding the implementation of additional privacy
measures at the application level.
-
<!-- Footnotes themselves at the bottom. -->
## Notes
@@ -874,3 +873,6 @@
[^2]: The Creator Identity is referred to as the Unique Device Secret (UDS) in
DICE terminology.
+
+<!-- References -->
+[open-dice]: https://pigweed.googlesource.com/open-dice/+/refs/heads/main/docs/specification.md
