github/confidential-containers
1
0
Fork 0
mirror of https://github.com/confidential-containers/confidential-containers.git synced 2025-08-31 08:12:53 +00:00
Code Issues Packages Projects Releases Wiki Activity

Define KBS

Browse Source 
Co-authored-by: Christophe de Dinechin <christophe@dinechin.org>
This commit is contained in:
Dan
2023-03-03 07:43:25 -06:00
parent 37d484813b
commit d5f6ccd76e
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
releases/v0.4.0.md
View File

@@ -32,7 +32,7 @@ The following are known limitations of this release:
- SELinux is not supported on the host and must be set to permissive if in use. - SELinux is not supported on the host and must be set to permissive if in use.
- Attestation and key brokering support is still under development - Attestation and key brokering support is still under development
* The disk-based key broker client (KBC) is used for non-tee testing, but is not suitable for production, except with encrypted VM images. * The disk-based key broker client (KBC) is used for non-tee testing, but is not suitable for production, except with encrypted VM images.
* Currently, there are two KBS that can be used: * Currently, there are two key broker services (KBS) that can be used:
- simple-kbs: simple key broker service (KBS) for SEV(-ES). - simple-kbs: simple key broker service (KBS) for SEV(-ES).
- [Verdictd](https://github.com/inclavare-containers/verdictd): An external project with which Attestation Agent can conduct remote attestation communication and key acquisition via EAA KBC - [Verdictd](https://github.com/inclavare-containers/verdictd): An external project with which Attestation Agent can conduct remote attestation communication and key acquisition via EAA KBC
* The full-featured generic KBS and the corresponding KBC are still in the development stage. * The full-featured generic KBS and the corresponding KBC are still in the development stage.