Harden attestation validation logic

Open cjen1-msft opened this issue 5 months ago • 0 comments

We currently parse the attestation then check the signature, and we should do this the other way round:

  • First validate the signature on the attestation against all of the roots of trust.
  • Then parse it and ensure that the validated root of trust matches the attestation's claimed one.

cjen1-msft, Jun 12 '25 16:06
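
The ordering proposed in the issue above, as an added example that is not the project's own code: the signature is checked over the raw bytes against every trusted root, the bytes are parsed only after one root validates them, and the claimed root is then compared with the validating one. Assumptions: Ed25519 over a JSON body stands in for the real attestation format and signature scheme, and `Report`, `Verify`, the error values, the root names and all keys are hypothetical or constructed.

```go
package main

import (
	"crypto/ed25519"
	"encoding/json"
	"errors"
	"fmt"
)

var ErrUntrusted = errors.New("signature not valid under any root of trust")
var ErrRootClaim = errors.New("claimed root differs from the root that validated the signature")

type Report struct { // constructed stand-in for the parsed attestation body
	Root        string `json:"root"` // root of trust the report claims
	Measurement string `json:"measurement"`
}

// Verify treats raw as opaque bytes until a trusted root has validated sig over it.
func Verify(raw, sig []byte, roots map[string]ed25519.PublicKey) (*Report, error) {
	validated := ""
	for name, pub := range roots { // step 1: signature against all roots of trust
		if ed25519.Verify(pub, raw, sig) {
			validated = name
			break
		}
	}
	if validated == "" {
		return nil, ErrUntrusted // the parser never sees unauthenticated input
	}
	var r Report
	if err := json.Unmarshal(raw, &r); err != nil { // step 2: parse authenticated bytes
		return nil, fmt.Errorf("parse: %w", err)
	}
	if r.Root != validated { // step 3: claim must match the root that actually signed
		return nil, ErrRootClaim
	}
	return &r, nil
}

func main() {
	pubA, privA, _ := ed25519.GenerateKey(nil) // constructed keys for two roots
	pubB, privB, _ := ed25519.GenerateKey(nil)
	roots := map[string]ed25519.PublicKey{"root-a": pubA, "root-b": pubB}
	raw := []byte(`{"root":"root-a","measurement":"constructed"}`)
	_, okErr := Verify(raw, ed25519.Sign(privA, raw), roots)
	_, badErr := Verify(raw, ed25519.Sign(privB, raw), roots)
	fmt.Println(okErr, badErr)
}
```

The second call in `main` is the case the final check exists for: the signature is genuine under a trusted root, but not the root the report names.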