On 02/11/2015 12:43, stef wrote: > On Wed, Feb 11, 2015 at 10:03:15AM +0000, Hannes Mehnert wrote: >> Also, it would be neat to think about a good way how the server >> can prove that it actually has the private key to the bounty - >> but I believe it is impossible (similar to that the server cannot >> prove it runs the software we claim it does). > > couldn't remote attestation be used for this?
sure - at least in theory. do you have any concrete implementation/strategy in mind? (I'm not an expert in RA)... hannes
