[messaging] Encrypted Pulic Contact Discovery
steveweis at gmail.com
Wed Aug 26 13:41:20 PDT 2015
Yes, just to clarify: Remote attestation is clearly a design goal of SGX. I
just don't think they've built example code or tools for it yet. I don't
think the Linux SDK has even been kept up to date.
On Wed, Aug 26, 2015 at 1:31 PM, Justin King-Lacroix <
justin.king-lacroix at cs.ox.ac.uk> wrote:
> SGX is a really big step both because Intel has actually issued the
> equivalent of endorsement/platform credentials, so it's usable on the open
> Internet, and because it measures user-level code, which is what most
> applications of RA actually care about. (In fact, the partial isolation of
> the enclave code from the OS means the remote party often doesn't need to
> care about what OS is running.)
> I'm really not convinced RA is an afterthought for SGX. Intel have been
> talking about it from the get-go.
> On 26 August 2015 at 17:20, Steve Weis <steveweis at gmail.com> wrote:
>> With SGX, remote attestation is possible but seems like an afterthought
>> right now. My understanding is that Intel expects someone to write an
>> attesting enclave that will handle attesting peer enclaves. I don't know of
>> any attestation enclave implementation or tooling around it that exists yet.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Messaging