Is it possible for AMD to consider to add "Access-Control-Allow-Origin: *" header into the CEK certificate web server? ( https://kdsintf.amd.com/ )
Background:
We are developing web application services which provide SEV-SNP attestation reports to users, and we are considering to provide javascript by which the users' web browser can validate the reports. For validating the SEV-SNP attestation reports, javascript on the users' web browser needs to get ARK, ASK, and VCEK from https://kdsintf.amd.com/ . However, it is prevented by cross-origin resource sharing (CORS) restriction of the web browser. For resolving this issue, we would like to ask AMD to add "Access-Control-Allow-Origin: *" header into the CEK certificate web server. We believe this change will also benefit many other application developers.
Is it possible for AMD to consider to add "Access-Control-Allow-Origin: *" header into the CEK certificate web server? ( https://kdsintf.amd.com/ )
Background: We are developing web application services which provide SEV-SNP attestation reports to users, and we are considering to provide javascript by which the users' web browser can validate the reports. For validating the SEV-SNP attestation reports, javascript on the users' web browser needs to get ARK, ASK, and VCEK from https://kdsintf.amd.com/ . However, it is prevented by cross-origin resource sharing (CORS) restriction of the web browser. For resolving this issue, we would like to ask AMD to add "Access-Control-Allow-Origin: *" header into the CEK certificate web server. We believe this change will also benefit many other application developers.