Community
cancel
Showing results for 
Search instead for 
Did you mean: 
jamason
Beginner
213 Views

ISV enclave signing key and ISV remote attestation keys with the IAS

the enclave ISV needs to have his signing key whitelisted with Intel by going through a business licence agreement process. Can the ISV singing key be self signed (and well protected in an HSM ) or should it be signed by a trusted CA?

  • what is a whitelist? is it a certificate for the public key of the ISV signing key?
  • Does the signing business agreement also include acccess to the IAS production server? and hence can we consider that the whitelisted signing key is always the same as the key used to interact with IAS production server?

thanks

0 Kudos
1 Reply
Hoang_N_Intel
Employee
213 Views

Please take a look at this whitepaper. It provides more details on how the whitelist process works.

https://software.intel.com/sites/default/files/managed/78/4a/overview-signing-whitelisting-intel-sgx...

Reply