apache / incubator-teaclave

Apache Teaclave (incubating) is an open source universal secure computing platform, making computation on privacy-sensitive data safe and simple.

https://teaclave.apache.org

Apache License 2.0

757 stars 159 forks source link

DCAP deployment improvement #698

Open henrysun007 opened 1 year ago

henrysun007 commented 1 year ago

Motivation & problem statement

The deployment for DCAP attestation is not well supported. runtime.config.toml and build.config.toml have to be modified manually. There are three runtime.config.tomls in config, docker and tests/fixtures respectively.

henrysun007 commented 1 year ago

Besides, there are many issues about the attestation:

667

634

548

469

459

452

More documents are needed about the attestation. The attesation also needs improvement.

hiroki-chen commented 1 year ago

Hi @henrysun007, I noticed that the port for attestation is hardcoded as 443 in attestation/src/service.rs:

let addrs = url.socket_addrs(|| match url.scheme() {
    "https" => Some(443), // Fixed port.
    _ => None,
})?;

Is it possible for us to change the binding port? Sometimes 443 on the local machine is already in use for other services so that we cannot deploy DCAP.