Developer Guide

  • 10/27/2020
  • Public Content
Contents

Signing Process

The Intel® DAL Pack Tool signs on ACPs using a pre-production key which limits the usage of the ACPs to emulator and pre-production platforms only.
Pre-production platforms are not available to customers; they are available only inside Intel.
In order to load an Install Security Domain ACP in a production environment, the S-SD ACP must be signed by Intel.
The signing process is described below:
  1. OEM submits a Security Domain signing request to the relevant Intel business unit. The signing request includes the following:
    • Security Domain manifest file
    • Signature parameters file
    • Signing Request form. To download a template, click here
  2. Intel reviews the request, creates the final Install Security Domain ACP to be signed, and performs basic installation tests on a pre-production platform.
  3. Intel signs on the Install Security Domain ACP with the production key and performs basic installation tests on a production platform.
  4. Intel completes validation/audit on the production signed binary ACP and the hash value of the OEM public key.
  5. The Intel business unit delivers the production signed binary ACP and the hash value of the OEM public key to the OEM.

Product and Performance Information

1

Performance varies by use, configuration and other factors. Learn more at www.Intel.com/PerformanceIndex.