Since Trustee needs to run in a trusted environment, it could make sense to run it inside of an enclave. This is easier said than done.
Here is a sketch of how we could run Trustee inside of not just any enclave, but CoCo.
On one level, it should be easy to run Trustee in CoCo. We can already deploy Trustee in k8s. If we add some runtime classes, it will work for CoCo. On top of that, we probably want to use sealed secrets to provide certain parts of the configuration, such as the token signing keys.
The big question is how we attest this environment. It might seem like we have a tautological situation here, but actually I think it's reasonable to have a basic attestation tool that can attest Trustee only.
So the question is really how we create a simple, static attestation tool (likely part of trustee-cli) that will listen for a resource request, carry out the KBS protocol, and provide secrets. Hopefully we can reuse logic from Trustee, but the implementation is still a little fuzzy to me.