But outside the client machine this key id is not sufficient to
uniquely determine which key the signature corresponds to.
Why is this not sufficient?
In my implementation, I create a lookup table at the attestation service that maps the 4-byte IMA log key identifier to the signing public key.
Are you concerned about collisions? Something else?
Are you suggesting that the client supply the verification public key and that the verifier trust it? Wouldn't that make the log self signed?
How would the verifier determine that the key from the IMA log is valid / trusted / not revoked from the log itself?
A minor question here.
Are you proposing that the IMA log contain a single ima-sigkey entry per public key followed by ima-sig entries?
Or are you proposing that ima-sig be replaced by ima-sigkey, and that each event would contain both the signature and the public key?
If the latter, this could add 25M to a server's 100K log. Would that increase in size concern anyone? Could it be a concern on the other end, an IoT device with limited memory?