- From: Erik Taubeneck via GitHub <sysbot+gh@w3.org>
- Date: Fri, 21 Oct 2022 20:02:31 +0000
- To: public-patcg@w3.org
> I think that we want to be direct about the threat model that a TEE is developed under. That is, physical access to the hardware might, with some non-trivial effort, be used to access the active state, which would otherwise be protected. > > And we have to consider that the operator has physical access. This is precisely why some of us find use of a TEE uncomfortable/unacceptable. > > I don't think we win by prevaricating on this point. We win by acknowledging it and tackling it head-on. That means strict requirements on operational practices by TEE operators, audits, and other such non-technical measures. _Originally posted by @martinthomson in https://github.com/patcg/docs-and-reports/pull/14#discussion_r1001404869_ -- GitHub Notification of comment by eriktaubeneck Please view or discuss this issue at https://github.com/patcg/docs-and-reports/issues/25#issuecomment-1287383445 using your GitHub account -- Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Friday, 21 October 2022 20:02:33 UTC