I want to perform remote attestation of the server's platform to an application running on a client. So basically the server is supposed to send the secret message containing the attestation to the client.
In the Intel documentation and the example code https://github.com/01org/linux-sgx, I got a bit confused. The application "isv_app" is creating an enclave which performs the message exchange with the "Service Provider".
Can the Service Provider in this case be considered as the server for the remote attestation?
Shouldn't the server that provides the attestation also create an enclave, or am I just misinterpreting the scenario?
I believe you are confusing some concepts there.
In the remote attestation process we have three main "participants":
The SP communicates with IAS to verify the QUOTE structure sent by the isv_app's enclave, and thus doesn't need to use the SGX SDK or to have an enclave.
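The SP-side check described in the answer above, as an added example (not from the original post or Intel's sample code): plain Python with no SGX SDK and no enclave, applied to the JSON report IAS returns. It assumes the report's signature has already been verified; `check_ias_report` and `make_sample_report` are hypothetical names, and the sample report is constructed.

```python
import base64
import hmac
import json
import struct

# Offsets into the 432-byte isvEnclaveQuoteBody (sgx_quote_t without signature).
QUOTE_BODY_LEN = 432
MRENCLAVE = slice(112, 144)    # 48-byte quote header + 64 bytes into report body
REPORT_DATA = slice(368, 432)  # last 64 bytes, chosen by the enclave


def check_ias_report(report_json, expected_mrenclave, expected_report_data,
                     accepted_status=("OK",)):
    """SP-side policy check on an IAS attestation verification report.

    Assumption: the caller already verified the signature IAS returns
    alongside the report body. Returns (accepted, reason).
    """
    report = json.loads(report_json)
    status = report.get("isvEnclaveQuoteStatus")
    if status not in accepted_status:
        return False, "quote status %r not accepted" % status
    try:
        body = base64.b64decode(report.get("isvEnclaveQuoteBody", ""),
                                validate=True)
    except (ValueError, TypeError):
        return False, "quote body is not valid base64"
    if len(body) != QUOTE_BODY_LEN:
        return False, "unexpected quote body length %d" % len(body)
    # Which enclave produced the quote, and is it bound to this session?
    if not hmac.compare_digest(body[MRENCLAVE], expected_mrenclave):
        return False, "MRENCLAVE mismatch"
    if not hmac.compare_digest(body[REPORT_DATA], expected_report_data):
        return False, "report_data mismatch"
    return True, "enclave identity accepted"


def make_sample_report(mrenclave, report_data, status="OK"):
    """Build a constructed report (not real IAS output) for demonstration."""
    body = bytearray(QUOTE_BODY_LEN)
    struct.pack_into("<H", body, 0, 2)  # quote version field
    body[MRENCLAVE] = mrenclave
    body[REPORT_DATA] = report_data
    return json.dumps({"isvEnclaveQuoteStatus": status,
                       "isvEnclaveQuoteBody": base64.b64encode(body).decode()})
```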