WICG / turtledove

TURTLEDOVE
https://wicg.github.io/turtledove/

TEE Requirements Beyond "Public Cloud" #731

Open thegreatfatzby opened 1 year ago

thegreatfatzby commented 1 year ago

Hey guys, last one tonight, I'm basically cross-posting from the BA issues queue as it seems to have gone dormant.

We discussed this for a while on the call last week as well as some at the June PATCG conference, so I'm putting this here as a place for continuing discussion. I think we were agreed on getting thoughts from the BA folks on a) what bar it is that AWS and GCP are meeting and b) why it's believed private DCs cannot meet those bars.

https://github.com/privacysandbox/fledge-docs/issues/34

Also just pasting some of the original ticket:

TEEs

I am no security expert, so if there's something very obvious here then apologies, but has any consideration been given to TEEs running in non-public-cloud environments but providing the necessary constraints, attestations, etc, through some combination of technical and audit requirements? I ask because one of the twix-inesses I see here is that Ad Techs (at least the one I work for) will likely continue to have to support some set of existing use cases outside of a Fledge/Parakeet context, and those use cases are of size anywhere between non-trivial and quite substantial. Having to set up a TEE inside of a non-public-dc with some set of even relatively "intrusive" requirements could be preferable to forcing network and system topologies.

rdgordon-index commented 4 months ago

https://github.com/WICG/protected-auction-services-discussion/issues/14 is also relevant here, as in https://github.com/WICG/protected-auction-services-discussion/issues/68

https://github.com/privacysandbox/protected-auction-services-docs/pull/127 has now yielded https://github.com/privacysandbox/protected-auction-services-docs/blob/main/public_cloud_tees.md