From 39625a763c0fc17e5475a44a7cee64aca6fb9fe0 Mon Sep 17 00:00:00 2001 From: Jose Marinho <jose.marinho@arm.com> Date: Fri, 14 May 2021 10:44:24 +0100 Subject: [PATCH] reword FW authorization -- NIST 800-193 --- source/chapter2-uefi.rst | 17 +++++------------ 1 file changed, 5 insertions(+), 12 deletions(-) diff --git a/source/chapter2-uefi.rst b/source/chapter2-uefi.rst index a74ec91..4e98f7a 100644 --- a/source/chapter2-uefi.rst +++ b/source/chapter2-uefi.rst @@ -111,20 +111,13 @@ The FW image authenticity should be implemented by authenticating the different The FW update authorization should be implemented by verifying that the capsule or its components were assembled by the platform owner. -Capsule authorization -^^^^^^^^^^^^^^^^^^^^^ - -The OS can expose the UpdateCapsule interface to any non-priveliged system user. -The FW updates initiator or the FW update package creator should -be an authorized user [NIST_800_193]_. - -The capsule or the FW images contained in the capsule should be signed by a platform owner key. -The UEFI implementation should authenticate the capsule or -the different fw images included in the capsule using the platform owner key. +FW update authorization +^^^^^^^^^^^^^^^^^^^^^^^ -The capsule or FW image components are signed by the platform owner in a platform specific way. +The FW update authorization [NIST_800_193]_ can be checked by the OS, using OS specific methods, before calling +UpdateCapsule. Alternatively, the FW update authorization can rely on the FW image authenticity check. +If all FW images in the capsule are authentic then the user is deemed authorized to progress with the FW update procedure. -The platform owner public key is kept in an platform specific NV region. FW image authentication ^^^^^^^^^^^^^^^^^^^^^^^ -- GitLab
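Review bot: In the new "FW update authorization" paragraph, the closing sentence ("If all FW images in the capsule are authentic then the user is deemed authorized to progress with the FW update procedure") treats authenticity as sufficient for authorization, but the unchanged sentence just above the heading still says authorization "should be implemented by verifying that the capsule or its components were assembled by the platform owner". With this hunk removing every line that tied the check to a platform owner key, including where the public key is kept, the two statements no longer agree. Either update the retained sentence or state in the new paragraph which key the authenticity check must chain to for it to count as authorization. The removed text also noted that the OS can expose UpdateCapsule to any non-privileged user; that is the reason an authorization check is needed, so consider keeping it as context. Finally, the new paragraph uses "can be checked" and "can rely" where the surrounding text uses "should", which leaves it unclear whether at least one of the two options is expected of an implementation; suggest wording such as "should be checked either by the OS ... or by relying on the FW image authenticity check".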