Visible to Intel only — GUID: GUID-0A0BE167-C692-484A-B867-25B6F90C365C
Visible to Intel only — GUID: GUID-0A0BE167-C692-484A-B867-25B6F90C365C
SSL\\TLS
Beginning with Intel® Management Engine (Intel® ME) 9.0, trusted applications can use PKI to establish an SSL connection with a remote server.
The Intel® DAL infrastructure exposes to a Trusted Application a set of classes that will allow the Trusted Application to establish a TLS session as a client end-point.
- Protocol versions:
- TLS1.0, supported on old platforms only (Intel® ME 11 and older, and Intel® Trusted Execution Engine (Intel® TXE) 4.x and older).
- TLS 1.1
- TLS 1.2 supported since Intel ME 12 (API level 9)
- Supports server authentication.
- Supports client authentication starting from Intel TXE 3.x and Intel® Converged Security and Management Engine (Intel® CSME) 12.
- Revocation mechanism supported using CRLs.
- TLS client supports data chunks as well as whole package data.
- TLS client supports configuration of security options.
Warning: On Intel ME 9 through Intel CSME 12, the TLS infrastructure is supported only on Corporate (5MB) firmware SKUs. As a result, using APIs that use this capability, such as those included in SslSession, CertificateChain, CertificateStore and AMT, will result in NotSupportedException on Consumer (1.5M) firmware SKUs.
Starting from Intel TXE 3 and Intel CSME 13, the TLS infrastructure is supported on all SKUs.
See the SSL Sample for more details.
Did you find the information on this page useful?
Feedback Message
Characters remaining: