On 20.07.25 13:04, Mark Novak wrote:
Mark, you are citing my quote completely out of context. In particular, the text (just above this quote that you removed) says "The former is stating those /requirements/..."
Is "the keys stay in the TEE and aren't accessible to parts of the application other than those that are being attested to" a guarantee or a mechanism?
It is a guarantee.
It is not, unfortunately.
The only guarantee the TEEs make is that the code running inside the TEE matches that of the quote at the time the quote is generated.
That's wrong. TEEs, by themselves, do not guarantee this. You have to ensure that the attestation protocol is correct, etc.
_______________________________________________
TLS mailing list -- [email protected]
To unsubscribe send an email to [email protected]
