suggestions for `checkLocalEnclaveReport`
Opened this issue · 0 comments
amiller commented
I had a couple of suggestions after using this interface:
- Allow overriding the policy involving enclave signer. If we check mrenclave anyway, checking mrsigner seems redundant. I'd like for people to be able to generate attestations with an enclave they just built from source.
- Make it easier to check the current value of
checkLocalEnclaveReport
. It's marked private so subclasses can't access it, there's no getter method, and the only way to interact with it is to "toggle" it