Is your feature request related to a problem? Please describe.
The idea is to provide the Agent with a way to check what he receives from the Manager and to provide the consortium members with a way to check if the CVM they are communicating with is indeed their CVM.
Describe the feature you are requesting, as well as the possible use case(s) for it.
This feature aims to add a host-data option to the QEMU launch command. This option introduces a 256-bit value that will become a permanent field in the attestation report (AR).
With the host-data option, the Manager can launch the CVM and pass the hash of the manifest as the value of this option. The Agent can then use this field of the AR to verify the authenticity of the manifest received from the Manager.
During the AR verification process, the consortium members can verify the AR's host-data field and assure themselves that the CVM they are communicating with is indeed the expected one.
Is your feature request related to a problem? Please describe.
The idea is to provide the Agent with a way to check what he receives from the Manager and to provide the consortium members with a way to check if the CVM they are communicating with is indeed their CVM.
Describe the feature you are requesting, as well as the possible use case(s) for it.
This feature aims to add a
host-data
option to the QEMU launch command. This option introduces a 256-bit value that will become a permanent field in the attestation report (AR).With the
host-data
option, the Manager can launch the CVM and pass the hash of the manifest as the value of this option. The Agent can then use this field of the AR to verify the authenticity of the manifest received from the Manager.During the AR verification process, the consortium members can verify the AR's
host-data
field and assure themselves that the CVM they are communicating with is indeed the expected one.Indicate the importance of this feature to you.
Must-have
Anything else?
No response