Closed Xynnn007 closed 1 year ago
fitzthum
commented
1 year ago This should be somewhat straightforward. I have yet to decide if we want to extend the protocol to pass the fields individually (would also require changes to the kata shim) or just parse them from the id. I am thinking that we probably won't support having different repos with simple-kbs.
Xynnn007
commented
1 year ago I am thinking that we probably won't support having different repos with simple-kbs. Yes, that depends on how simple-kbs works. We can change the AA side code to ignore useless fields and only convert
<type>/<tag>This should be somewhat straightforward. I have yet to decide if we want to extend the protocol to pass the fields individually (would also require changes to the kata shim) or just parse them from the id.
Sorry I cannot get your point. What does "pass the fields individually" mean? What fields?
Xynnn007
commented
1 year ago Can this issue be closed?
fitzthum
commented
1 year ago Yup. Turns out we can handle this by just adding more resources to the db.
Support kbs uri for both keys and resources. Now the request format is under reviewing here https://github.com/confidential-containers/attestation-agent/pull/129/files#diff-24688ed3518cc206dbc961a052e75291930a4176eecad2e46da73d7834655512R53
The id field follows
<repository>/<type>/<tag>format, which should be handled in simple-KBS side.