On 10/2/20 9:50 PM, Jarkko Sakkinen wrote:
> + * Failure to explicitly request access to a restricted attribute will cause
> + * sgx_ioc_enclave_init() to fail. Currently, the only restricted attribute
> + * is access to the PROVISION_KEY.
Could we also justify why access is restricted, please? Maybe:
Access is restricted because PROVISION_KEY is burned uniquely
into each each processor, making it a perfect unique identifier
with privacy and fingerprinting implications.
Are there any other reasons for doing it this way?
