spiffe / spire

The SPIFFE Runtime Environment
https://spiffe.io
Apache License 2.0

RFE: Phone attestation: Android and iPhone SpireAgent app #4306

Closed mmaymann closed 1 year ago

mmaymann commented 1 year ago

Roots of trust:

  1. Manufacturer: Spire (FDO)
  2. SupplyChain: Spire (FDO)
  3. Network: Spire + SONiC (L2 security + agentless support)
  4. Device: Spire + SONiC ((P)NAC/ACL)
  5. User: Spire + KeyCloak + Biometric MFA Securitykey
  6. Workload: Spire + KeyCloak
  7. Data: Spire + KeyCloak

This RFE is regarding 4. Device - Phone attestation (+MDM features) through Spire:

  - Google Play Android SpireAgent app
  - Apple Appstore iPhone SpireAgent app

I have given my free OSS GoldenPath KubernetesNative version of a GitOps Zero-Conf|Trust|Touch XIoT management target architecture - directly from network devices.

Suggestions/enhancements would be highly appreciated :)

Thanks in advance :)

amartinezfayo commented 1 year ago

Thank you @mmaymann for filing this issue. Similarly to https://github.com/spiffe/spire/issues/4281, I think that it would be great if we can discuss this request in the SIG-SPIRE meeting, where we can gather more context and discuss the request in detail.

mmaymann commented 1 year ago

@amartinezfayo awesome :) Sounds really cool... I will be able to participate on 17.8 at the earliest - I have added it to my calendar and will try to prepare a small presentation for that. Thanks :)

evan2645 commented 1 year ago

Related to: https://github.com/spiffe/spire/issues/4281

Closing this out until we have more time to discuss over video