Hello,

I just recently found out that there's a concept of key ownership in TF-M (e.g., if a new secure partition creates a key and returns the key handle to NSPE, NSPE can't export it even if the key is config-ed to be exportable -- the key can only be used by the owner).

My question is: is this design based on PSA or specific to just TF-M implementation?

Thank you in advance,