Thanks, Roberts and Nicolas.
Other doubt that arose here is about privacy...
In the attestation process, the machine being attested sends the public portion of its EK
to the Attestor, and thus the Attestor could identify the machine by this key (if it
requests attestation multiple times).
Some considerations are pointed here
where different AIK, for instance, could be generated for each user, but they apply only
for scenarios where the machine being attested has multiple users. If the machine itself
doesn't have any user, then using multiple AIK will not make any difference.
Do you have any alternative or thoughts for this situation?