logo

Confidential computing's core trust mechanism is broken. The fix may not exist

Posted by manwithaplan |3 hours ago |1 comments

manwithaplan 3 hours ago

> "We believe post-handshake attestation alone can achieve level three binding," Sardar told The Register, warning that newer proposals combining both approaches add unnecessary complexity without adding security. His recommendation to the IETF's TLS working group is blunt: developers should abandon intra-handshake attestation altogether.