On Tue, Nov 27, 2018 at 12:55 AM Dr. Greg <greg@xxxxxxxxxxxx> wrote: > Since the thread has become a bit divergent I wanted to note that we > have offered a proposal for a general policy management framework > based on MRSIGNER values. This framework is consistent with the SGX > security model, ie. cryptographic rather then DAC based policy > controls. This framework also allows a much more flexible policy > implementation that doesn't result in combinatoric issues. Can you give a concrete explanation of a problem that your proposal would solve? As far as I can tell, it gets rid of a case in which an unprivileged attacker who can run enclaves but hasn't compromised the kernel can learn the PPID and other SGX-related permanent platform identifiers, but it does nothing to prevent the same attacker from learning non-SGX-related permanent identifiers, nor does it prevent the attacker from using the Intel quoting enclave (unless configured in a surprising way) and thus attesting to a remote system. So what problem does it solve?
