Merge "Clean up description of IRemotelyProvisionedComponent uniqueId" am: d90f067c24
Original change: https://android-review.googlesource.com/c/platform/hardware/interfaces/+/2099139
Change-Id: I4bd0784453f2de2751e8440d240d4106caef06d6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
diff --git a/security/keymint/aidl/android/hardware/security/keymint/RpcHardwareInfo.aidl b/security/keymint/aidl/android/hardware/security/keymint/RpcHardwareInfo.aidl
index 3a4c233..0cb33ce 100644
--- a/security/keymint/aidl/android/hardware/security/keymint/RpcHardwareInfo.aidl
+++ b/security/keymint/aidl/android/hardware/security/keymint/RpcHardwareInfo.aidl
@@ -59,13 +59,17 @@
* client should NOT interpret the content of the identifier in any way. The client can only
* compare identifiers to determine if two IRemotelyProvisionedComponents share the same
* implementation. Each IRemotelyProvisionedComponent implementation must have a distinct
- * identifier from all other implementations on the same device.
+ * identifier from all other implementations, and it must be consistent across all devices.
+ * It's critical that this identifier not be usable to uniquely identify a specific device.
*
* This identifier must be consistent across reboots, as it is used to store and track
* provisioned keys in a persistent, on-device database.
*
* uniqueId may not be empty, and must not be any longer than 32 characters.
*
+ * A recommended construction for this value is "[Vendor] [Component Name] [Major Version]",
+ * e.g. "Google Trusty KeyMint 1".
+ *
* This field was added in API version 2.
*
*/