CCF icon indicating copy to clipboard operation
CCF copied to clipboard

Published 20 hours ago verified publisher icon microsoft

Release and packaging for SEV-SNP

Open jumaffre opened this issue 3 years ago • 2 comments

Once #4068 is complete, we should release a separate package and docker image of CCF so that it can be deployed in ACI, without requiring Open Enclave:

  • [ ] 1. Decide on scheme for SEV-SNP CCF variants. Either a compile-time value for a new target, or a new configuration value (i.e. enclave.secure: true/false which defaults to true) to make sure that operators do not deploy virtual, insecure nodes by mistake.
  • [ ] 2. Release new ccf/app/dev and ccf/app/run docker images, without existing SGX/Open Enclave dependencies

jumaffre avatar Jul 26 '22 15:07 jumaffre

It's also worth noting we should probably update the sample constitutions to allow operators to manage the tables used in SNP attestation

DomAyre avatar Oct 12 '22 10:10 DomAyre

@DomAyre I think we've done most of that, except perhaps the binary decoration? I think we want to close this before 3.0 final, and so this effectively should become p0.

achamayou avatar Nov 07 '22 09:11 achamayou