Does anyone have some detailed information (or a document) describing TLS with regards to AMT?
What exactly is the difference between Server and Mutual authentication?
I will be answering my own question here. I eventually found a very interesting document by Cisco; even though the document is about deploying wireless LANs, it has a very good and easy-to-understand description of TLS and mutual vs. server authentication. If anyone else wants an easy-to-understand description of TLS, have a look at:
I am glad you found this document. Yes, basically, if you use server-auth, only Intel AMT has a certificate, and the console or browser must be able to trust that certificate.
In mutual-auth, both Intel AMT console and Intel AMT must have certificates and both must verify and trust each other's certificates.
As a side note, the Intel AMT DTK does not currently support mutual-auth, but this will be added next week since there seems to be more demand for it now.
Ylian (Intel AMT Blog)
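
The server-auth versus mutual-auth difference described in this thread, shown as TLS endpoint settings in Python's `ssl` module. This is an added example, not part of the thread and not Intel AMT or DTK code; `device_context`, `console_context`, `describe` and all file-path parameters are hypothetical names, with the "device" standing in for the TLS server role that Intel AMT plays.

```python
import ssl

def device_context(mutual_auth, cert=None, key=None, console_ca=None):
    """TLS server role (the side Intel AMT plays in the thread)."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    if cert:
        # The device presents a certificate in both modes.
        ctx.load_cert_chain(cert, key)
    if mutual_auth:
        # Ask the console for a certificate and abort the handshake
        # if none is sent or it does not chain to a trusted CA.
        ctx.verify_mode = ssl.CERT_REQUIRED
        if console_ca:
            ctx.load_verify_locations(cafile=console_ca)
    else:
        # Server-auth: the device never asks who the console is.
        ctx.verify_mode = ssl.CERT_NONE
    return ctx

def console_context(mutual_auth, device_ca=None, cert=None, key=None):
    """TLS client role (management console or browser)."""
    # In both modes the console must verify and trust the device certificate.
    ctx = ssl.create_default_context(ssl.Purpose.SERVER_AUTH, cafile=device_ca)
    if mutual_auth:
        if not (cert and key):
            # Fail early: without a client certificate the device
            # would reject the handshake anyway.
            raise ValueError("mutual-auth requires a console certificate and key")
        ctx.load_cert_chain(cert, key)
    return ctx

def describe(ctx):
    """Summarize what a context enforces about its peer."""
    return {
        "verifies_peer": ctx.verify_mode == ssl.CERT_REQUIRED,
        "checks_hostname": ctx.check_hostname,
    }

if __name__ == "__main__":
    print("device, server-auth :", describe(device_context(False)))
    print("device, mutual-auth :", describe(device_context(True)))
    print("console, server-auth:", describe(console_context(False)))
```

The console verifies its peer in both modes; only the device-side `verify_mode` changes when moving from server-auth to mutual-auth.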