November Webinar Questions

[cetola]

These are the questions from the webinar. We will discuss in the TAC meeting to determine which should be added to the FAQ.

1. What are the minimal number of entities that require trust? (define the TCB?)
2. What are some mature use cases currently using Confidential Computing?
3. Can homomorphic encryption or TPMs provide data integrity or are these technologies malleable by design? If you're using homomorphic encryption, do you still need to use Confidential Computing?
4. What is the relationship between the CCC and OpenSSF, CNCF, IETF TEEP/RATS, FIDO Alliance, etc?
5. What are the most challenging unsolved technical problems faced by CC today? Eg. Are there limits around data sizes?
6. Could you summarize add-on TPM chip vs integrated into CPU option?
7. When you talk about verifier, what will be the root-of-trust and how do you make sure that the chain isn't broken until to the user/customer?
8. You talked about Confidential Computing being faster than Homomorphic Encryption, but do we have precise information such as "CC is X times faster than HE for this task" ?
9. Is there any effort to do the attestation to those hardware vender’s hardware in the open source domain?

[dthaler]

@cetola this looks like a duplicate of issue #31, can we close one of them?

[cetola]

Any questions marked as "ready for publication" on this document can be posted to the website: https://docs.google.com/document/d/1QApp1YImGJVrBwD-pLkgeDr7phoqni6SjZQ1-9pMRpk/edit