Unclear distinction between Aggregated Measured Boot and Local Verifier

[bluegate010]

https://github.com/chipsalliance/caliptra-sw/blob/main-2.x/runtime/README.md describes Aggregated Measured Boot and Local Verifier as two different use-cases supported by Caliptra.

• The "Caliptra-Endorsed Aggregated Measured Boot" section states that one signed manifest includes measurements for a collection of different components.
• The "Caliptra-Endorsed Local Verifier" section first paragraph states that measurements of components are compared to a manifest.

Those sound like the same thing.

The main difference between Caliptra-Endorsed Aggregated Measured Boot and Caliptra-Endorsed Local Verifier is if the SoC RoT is relying on the Measurement Manifest for SoC Secure Boot services as opposed as using it as an additional verification.

So in both models the SoC is checking in with Caliptra whenever it boots code. In the second model the SoC is doing its own verification on top of that. If that's the case, it seems like we could just describe a single model of manifest flows. We can just say that this is a feature that SoCs can rely on, and they can optionally also do their own verification on top of that.