Presently the Nitro enclave uses plain HTTP to listen on vsock connection from the Nitro shim proxy. It implies that the shim layer outside the enclave, which is considered less trusted, see unencrypted traffic. Thus attackers gaining access to the shim will be able to see all the traffic. Moreover, they can alter the messages coming into the enclave from a client. The only thing they will not be able to do is to alter HTTP replies coming from the enclave as those are signed using Nitro authentication.
To address this the idea is to use HTTPS, not HTTP, to listen on vsock connections. To address the issue of the TLS certificate trust the server will use a self-signed certificate which is then published using plain HTTP signed using Nitro authentications.
The client then first connects using HTTP to the enclave to get the certificate. Then for the subsequent traffic the client switches to HTTPS and verifies that the server uses that certificate for all connections.
This addresses the above issues of shim eavesdropping or even altering the incoming messages.
Presently the Nitro enclave uses plain HTTP to listen on vsock connection from the Nitro shim proxy. It implies that the shim layer outside the enclave, which is considered less trusted, see unencrypted traffic. Thus attackers gaining access to the shim will be able to see all the traffic. Moreover, they can alter the messages coming into the enclave from a client. The only thing they will not be able to do is to alter HTTP replies coming from the enclave as those are signed using Nitro authentication.
To address this the idea is to use HTTPS, not HTTP, to listen on vsock connections. To address the issue of the TLS certificate trust the server will use a self-signed certificate which is then published using plain HTTP signed using Nitro authentications.
The client then first connects using HTTP to the enclave to get the certificate. Then for the subsequent traffic the client switches to HTTPS and verifies that the server uses that certificate for all connections.
This addresses the above issues of shim eavesdropping or even altering the incoming messages.