Hacker News

Confidential computing's core trust mechanism is broken. The fix may not exist

3 points by manwithaplan ago | 1 comments

manwithaplan [-]

> "We believe post-handshake attestation alone can achieve level three binding," Sardar told The Register, warning that newer proposals combining both approaches add unnecessary complexity without adding security. His recommendation to the IETF's TLS working group is blunt: developers should abandon intra-handshake attestation altogether.