OEM submits a Security Domain signing request to the relevant Intel business unit. The signing request includes the following:
Security Domain manifest file
Signature parameters file
Signing Request form. To download a template, click here
Intel reviews the request, creates the final Install Security Domain ACP to be signed, and performs basic installation tests on a pre-production platform.
Intel signs on the Install Security Domain ACP with the production key and performs basic installation tests on a production platform.
Intel completes validation/audit on the production signed binary ACP and the hash value of the OEM public key.
The Intel business unit delivers the production signed binary ACP and the hash value of the OEM public key to the OEM.