XML

Word

Printable

Type: Epic
Resolution: Done
Priority: Medium
Fix Version/s: OSC 1.10.0
Affects Version/s: None
Component/s: None
Labels:
None

Epic Name:
Capture measurements of the pod VM image for remote attestation
Blocked:
False
Blocked Reason:

Hide

None

Show
None
Ready:
False
Color Status:
Not Selected
Epic Status:
To Do

WSJF:
0

SFDC Cases Links:
SFDC Cases Open:
SFDC Cases Counter:

Intelligence Requested:
Market:

Epic Goal

Capture measurements of the pod VM image for remote attestation

Why is this important?

For confidential containers, attestation is critical to verify the trustworthiness of the TEE environment. From pod VM standpoint, a user need to be sure that the kernel, kernel CLI and rootfs disk has not been tampered before releasing a secret into the environment.

Scenarios

As a user, I want to ensure that the pod VM has not been tampered.
As a user I want to capture the measurements of my pod VM image and use it in Trustee for remote attestation

Acceptance Criteria

(The Epic is complete when...)

Ability to capture measurements when creating the pod VM image
Ability to verify the measurement as part of remote attestation via Trustee
..

Additional context:

is blocked by

KATA-3111 Create integrity-protected pod VM image for Azure

Closed

is depended on by

KATA-2715 Create measurements for all the components used in the CoCo stack

Closed

Assignee:: Unassigned

Reporter:: Pradipta Banerjee

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Created:: 2025/02/28 5:00 AM

Updated:: 2025/08/04 12:24 PM

Resolved:: 2025/08/04 12:24 PM