November Webinar Questions #32
Description
These are the questions from the webinar. We will discuss in the TAC meeting to determine which should be added to the FAQ.
- What are the minimal number of entities that require trust? (define the TCB?)
- What are some mature use cases currently using Confidential Computing?
- Can homomorphic encryption or TPMs provide data integrity or are these technologies malleable by design? If you're using homomorphic encryption, do you still need to use Confidential Computing?
- What is the relationship between the CCC and OpenSSF, CNCF, IETF TEEP/RATS, FIDO Alliance, etc?
- What are the most challenging unsolved technical problems faced by CC today? Eg. Are there limits around data sizes?
- Could you summarize add-on TPM chip vs integrated into CPU option?
- When you talk about verifier, what will be the root-of-trust and how do you make sure that the chain isn't broken until to the user/customer?
- You talked about Confidential Computing being faster than Homomorphic Encryption, but do we have precise information such as "CC is X times faster than HE for this task" ?
- Is there any effort to do the attestation to those hardware vender’s hardware in the open source domain?