You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The ASR does allow a container to request a token, but we haven't used this feature much and it could be kind of broken. For one, we can't specify the TEE public key. Without this the uses of the token are somewhat limited. On the other hand, it could be dangerous to allow setting the public key. That is basically an evidence factory attack and should only be used in certain cases. We should think about the best way to implement.
Also, our tooling in Kata doesn't know anything about the token option (see here). We should probably try to improve the documentation a little bit.
The text was updated successfully, but these errors were encountered:
The ASR does allow a container to request a token, but we haven't used this feature much and it could be kind of broken. For one, we can't specify the TEE public key. Without this the uses of the token are somewhat limited. On the other hand, it could be dangerous to allow setting the public key. That is basically an evidence factory attack and should only be used in certain cases. We should think about the best way to implement.
Also, our tooling in Kata doesn't know anything about the token option (see here). We should probably try to improve the documentation a little bit.
The text was updated successfully, but these errors were encountered: