Is It Possible to Share Intel® Software Guard Extensions (Intel® SGX) Enclave Quote or PCK Certificate with Arbitrary Third Parties for Purposes of Third-party Remote Attestation?

Content Type: Product Information & Documentation | Article ID: 000088210 | Last Reviewed: 11/02/2021

Description Resolution Additional information

Description

Unable to determine the limitations of sharing an enclave's quote or PCK certificate with reliant third parties.

Resolution

The Intel® Software Guard Extensions (Intel® SGX) enclave's quote contains the PCK Certificate, and there are no limits on sharing the quote with reliant third parties.

After you send the quote to the remote relying party, the third party's quote verification libraries can use it by pulling the rest of the required quote verification evidence and collateral directly from Intel® Software Guard Extensions Provisioning Certification Service (Intel® SGX Provisioning Certification Service). The latest version of the QCNL allows you to do this.

Additional information

Refer to Intel® Software Guard Extensions (Intel® SGX) Data Center Attestation Primitives: ECDSA Quote Library API.

Is It Possible to Share Intel® Software Guard Extensions (Intel® SGX) Enclave Quote or PCK Certificate with Arbitrary Third Parties for Purposes of Third-party Remote Attestation?

Description

Resolution

Additional information

Need more help?