DMTF’s Security Protocols and Data Models Working Group recently released the Security Protocol and Data Model (SPDM) Binding over Transmission Control Protocol (TCP) 1.0.0 (DSP0287), which specifies binding SPDM messages to TCP. The scope of this specification binds Out-of-Session SPDM messages and In-Session SPDM messages to TCP and further defines the transport specific details.

The TCP binding is designed for anyone looking to have SPDM semantics at rack scale, where infrastructure components can validate each other within the box (over MCTP) and outside the box (over TCP/IP).  For example, if you’re building a rack manager, a rack or row aggregator, or any other infrastructure over TCP/IP and validating measurements or workload is essential, the SPDM over TCP standard is what you need.  It can also go beyond the rack, allowing cloud orchestration software to measure the infrastructure it communicates with.

Key highlights from the release include:

• Describes transmitting SPDM messages over TCP transport between two endpoints, the SPDM Requester and the SPDM Responder
• Both SPDM messages (DSP0274) and SPDM Secured Messages (DSP0277) are necessary for the application of this specification

These specifications – developed by DMTF’s SPDM Working Group – continue to incorporate the input of the organization’s Alliance Partners. To submit feedback, please use the DMTF Feedback Portal at https://www.dmtf.org/standards/feedback.

To learn more about the SPDM Working Group and how SPDM fits into your ecosystem or to get involved in this work, please visit https://www.dmtf.org/standards/spdm.