Trusted Service Identity is closing the gap of preventing access to secrets by an untrusted operator during the process of obtaining authorization for data access by the applications running in the public cloud.
Apache License 2.0
27
stars
11
forks
source link
Introduce Keylime as a tool for building node x509 #136
Introduce Keylime tool to attest a node, then securely deliver intermediate.key.pem and intermediate.cert.pem to attested node and finally create x509 for each node.
These x509 certs are then used for attesting the SPIRE agents with x509pop NodeAttestors
Introduce Keylime tool to attest a node, then securely deliver
intermediate.key.pem
andintermediate.cert.pem
to attested node and finally create x509 for each node. These x509 certs are then used for attesting the SPIRE agents with x509pop NodeAttestorsSigned-off-by: Mariusz Sabath mrsabath@gmail.com