kdenhartog
commented
2 months ago makes sense to me. I like the idea of handling PCR checking at the point of prepare/authorize. It's not necessary if we have certainty around the first, but ideally we could do this during each authorize call.
I propose that to improve usability and reduce the chances of PCR updates being forgotten, we look into migrating the prior PCR list to QLDB. It could for instance be signed by a vault derived key in order to authenticate it's providence as a PCR which we completed bootstrap for.
@Sneagan notes that we could do this at time of first prepare/authorize rather than at bootstrap time.
cc @kdenhartog