How to attest the platform owner in SEV-SNP?

[cowbon]

In traditional SEV, we have PEK signed by both OCA from the platform owner and CEK from AMD. Attestation reports are signed by PEK. But In SEV-SNP, attestation reports signed by VCEK are available on demand. Are PEK, PDH and other keys generated by guest owner totally removed in SEV-SNP? If so, how do guest owners attest the platform provider?