Intel® Software Guard Extensions (Intel® SGX)
Discussion board focused on hardware-based isolation and memory encryption to provide extended code protection in solutions.
1453 Discussions

Question about MTLS between SP and IAS?

shen_y_
Beginner
‎07-06-2016 10:34 AM
832 Views
Solved Jump to solution

Hi 

 

I've registered my SP with IAS and received a SPID and a Report Key link.

My question is :

1. Is the Report Key needed in MTLS or remote attestation? If true, how to use it ?

2. MTLS means that both SP and IAS must present a valid (not expired or revoked) X.509 certificate for authentication.I've provided SP's certificate to IAS and received a SPID,how to get IAS's certificate?  In my opinion, I should put the IAS's certificate in SP's truststore used for TLS1.2 authentication when I access IAS WebService which is supplied for remote attestation. Is my understanding right? 

Thanks and Regards,

Yu

 

 

0 Kudos
1 Solution

Link Copied

4 Replies
Surenthar_S_Intel
Employee
‎07-12-2016 09:05 PM
832 Views
Solved Jump to solution

Hi Yu,

We have a code sample for remote attestation that is nearing release. It should be ready soon. This sample has will likely address your question.

Thanks and Regards,
Surenthar Selvaraj

0 Kudos
Copy link
shivani_g_
Beginner
‎08-04-2016 12:37 PM
832 Views
Solved Jump to solution

Hi Surenthar

Will a code sample for remote attestation for linux OS will also be released soon ?

I was trying to communicate with SP directly via sockets. I'm able to successfully complete the TLS handshake. But after writing the request to socket my SSL_read() always fails and I'm unsure why.

Thank You

0 Kudos
Copy link
Surenthar_S_Intel
Employee
‎08-08-2016 11:44 PM
832 Views
Solved Jump to solution

Hi Shivani,

At this time there are no plans to provide a remote attestation sample for Linux OS.

Thanks

0 Kudos
Copy link
Reply

Community support is provided during standard business hours (Monday to Friday 7AM - 5PM PST). Other contact methods are available here.

Intel does not verify all solutions, including but not limited to any file transfers that may appear in this community. Accordingly, Intel disclaims all express and implied warranties, including without limitation, the implied warranties of merchantability, fitness for a particular purpose, and non-infringement, as well as any warranty arising from course of performance, course of dealing, or usage in trade.

For more complete information about compiler optimizations, see our Optimization Notice.