enclaver run attestation verification flag #35

Open
1 task
robszumski opened this issue Oct 4, 2022 · 0 comments

Determine if we think it is useful enough to verify an attestation before running an enclave image:

enclaver run --verify-before-run attestation.json will verify an attestation of an image after fetching it, but before executing it. If the comparison fails, the violating PCRs will be logged and the command will fail with an exit code.

Due to our threat model, this is more of a corruption check due to a hostile host manipulating the functionality.

  • If we move forward, update Verifying Cryptographic Attestations in architecture docs
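
The check proposed above, as an added Rust example (not Enclaver's code and not part of the issue). It assumes PCRs are hex-encoded SHA-384 digests keyed by index and that a failure exits with code 1. The names `Pcrs`, `Violation`, `violating_pcrs` and `verify_before_run` are hypothetical, and parsing of attestation.json is left out because the issue does not define its format.

```rust
use std::collections::BTreeMap;

// Assumed shape: PCR index -> hex SHA-384 digest (96 hex characters).
type Pcrs = BTreeMap<u8, String>;

#[derive(Debug, PartialEq)]
enum Violation {
    MalformedExpected(u8), // pinned value is not 96 hex characters
    Missing(u8),           // fetched image has no value for this PCR
    Mismatch { pcr: u8, expected: String, measured: String },
}

// Check every PCR pinned in the attestation against the fetched image.
fn violating_pcrs(expected: &Pcrs, measured: &Pcrs) -> Vec<Violation> {
    let mut out = Vec::new();
    for (&pcr, want) in expected {
        // Normalise case so "AB.." and "ab.." compare equal.
        let want = want.trim().to_ascii_lowercase();
        if want.len() != 96 || !want.bytes().all(|b| b.is_ascii_hexdigit()) {
            out.push(Violation::MalformedExpected(pcr));
            continue;
        }
        match measured.get(&pcr).map(|v| v.trim().to_ascii_lowercase()) {
            None => out.push(Violation::Missing(pcr)),
            Some(got) if got != want => out.push(Violation::Mismatch { pcr, expected: want, measured: got }),
            Some(_) => {}
        }
    }
    out
}

// Exit code for the command: 0 to go on and run the image, 1 to refuse.
fn verify_before_run(expected: &Pcrs, measured: &Pcrs) -> i32 {
    if expected.is_empty() {
        eprintln!("attestation pins no PCRs; refusing to run"); // fail closed
        return 1;
    }
    let violations = violating_pcrs(expected, measured);
    for v in &violations { eprintln!("PCR violation: {:?}", v); }
    if violations.is_empty() { 0 } else { 1 }
}

fn main() {
    // Constructed sample digests, not real measurements.
    let expected: Pcrs = vec![(0, "aa".repeat(48)), (1, "bb".repeat(48))].into_iter().collect();
    let mut measured = expected.clone();
    measured.insert(1, "cd".repeat(48)); // simulate a modified image
    std::process::exit(verify_before_run(&expected, &measured));
}
```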