
That effort runs through the Confidential Computing Consortium, the Linux Foundation community where competing companies collaborate on shared infrastructure issues. The consortium is not trying to become a registry of trusted brokers, Bursell added, but rather a place where companies can develop frameworks, best practices, and, equally important, antipatterns.
Identity drew some of the strongest interest at this week’s event. Pawan Khandavilli, senior product manager at Microsoft, pointed to agent payment initiatives from Visa, Mastercard, and Google, the FIDO Alliance’s emerging agent work, SPIFFE workload identities, and RFC 8693 token exchange. The pieces already exist, Khandavilli argued, but “the vocabulary is fragmented.” The challenge now is connecting these identity systems to hardware-backed attestation rather than relying solely on software trust.
The attack surface beneath the attestation
Hardware-isolated environments are only as secure as the shared substrates beneath them. Zvonko Kaiser, principal systems engineer at NVIDIA, argued that attestation protects the trusted execution environment itself but doesn’t eliminate risks in the shared substrates beneath. The processor cache sits beneath every isolation boundary, and a 2026 technique called TDXRay demonstrated how information could be observed across virtual machine boundaries. No layer above the cache, Kaiser argued, can completely hide what the cache itself sees.