https://community.intel.com/t5/Intel-Software-Guard-Extensions/Remote-Attestation-for-Confidential-VMs-using-Intel-TDX/m-p/1624883#M6192 <P>Hi Scott,</P><P>&nbsp;</P><P>We are currently using SGX remote attestation via the EPID model which is about to be deprecated soon.</P><P>I want to know what changes are required on our side as per the new Intel Trust Authority model for attestation. Do we have any sample code/example of remote attestation using the replying party ?</P><P>&nbsp;</P><P>-Thanks</P><P>Sam123</P> Wed, 21 Aug 2024 21:11:32 GMT Sam123 2024-08-21T21:11:32Z https://community.intel.com/t5/Intel-Software-Guard-Extensions/Remote-Attestation-for-Confidential-VMs-using-Intel-TDX/m-p/1606215#M6163 <P>Hello,</P><P>&nbsp;</P><P>I'm relatively new to Intel SGX/TDX technology and have recently set up an Azure Intel TDX-based confidential VM as outlined <A href="https://azure.microsoft.com/en-us/updates/public-preview-intel-tdx-based-confidential-vms-now-available-in-the-azure-portal-azure-cli-and-arm-templates/" target="_new" rel="noreferrer">here</A>. This VM is running Windows OS and operates within a Trusted Domain (TD), where its memory and state are encrypted and protected from the hypervisor and other VMs.</P><P>In the context of Intel SGX, remote attestation is typically performed between an enclave application and its corresponding service providers. However, with Intel TDX and my current setup, I'm uncertain about how to perform remote attestation between my TD (Azure VM) and the relevant service provider. It seems I might need to utilize the Intel TDX Quote Generation Library, but I'm unclear about the prerequisites and how it aligns with my specific use case. Moreover, I am not sure if the complete TDX attestation workflow can be performed from within the TD&nbsp; (Azure VM). Are there any sample examples available to help me get started?</P><P>I've found that resources on this topic online are quite scarce, so any assistance or guidance would be greatly appreciated!</P><P>&nbsp;</P><P>Thank you in advance!</P> Wed, 12 Jun 2024 19:24:07 GMT https://community.intel.com/t5/Intel-Software-Guard-Extensions/Remote-Attestation-for-Confidential-VMs-using-Intel-TDX/m-p/1606215#M6163 mAdil 2024-06-12T19:24:07Z https://community.intel.com/t5/Intel-Software-Guard-Extensions/Remote-Attestation-for-Confidential-VMs-using-Intel-TDX/m-p/1606221#M6164 <P>Hello.</P><P>You can read about Azure TDX remote attestation on Microsoft's GitHub repo:</P><P><A href="https://github.com/Azure/confidential-computing-cvm-guest-attestation/blob/tdx-preview/tdx-attestation-app/ATTEST.md#performing-remote-attestation" target="_blank">https://github.com/Azure/confidential-computing-cvm-guest-attestation/blob/tdx-preview/tdx-attestation-app/ATTEST.md#performing-remote-attestation</A></P><P>&nbsp;</P><P>Regards.</P> Wed, 12 Jun 2024 19:27:56 GMT https://community.intel.com/t5/Intel-Software-Guard-Extensions/Remote-Attestation-for-Confidential-VMs-using-Intel-TDX/m-p/1606221#M6164 Scott_R_Intel 2024-06-12T19:27:56Z https://community.intel.com/t5/Intel-Software-Guard-Extensions/Remote-Attestation-for-Confidential-VMs-using-Intel-TDX/m-p/1624883#M6192 <P>Hi Scott,</P><P>&nbsp;</P><P>We are currently using SGX remote attestation via the EPID model which is about to be deprecated soon.</P><P>I want to know what changes are required on our side as per the new Intel Trust Authority model for attestation. Do we have any sample code/example of remote attestation using the replying party ?</P><P>&nbsp;</P><P>-Thanks</P><P>Sam123</P> Wed, 21 Aug 2024 21:11:32 GMT https://community.intel.com/t5/Intel-Software-Guard-Extensions/Remote-Attestation-for-Confidential-VMs-using-Intel-TDX/m-p/1624883#M6192 Sam123 2024-08-21T21:11:32Z