Confidential Computing poses a unique challenge of Attestation Verification. The reason is, Attester in Confidential Computing is infact a collection of Attesters, what we call as Composite Attester. One Attester is a Workload which runs in a CC Environment, while the other Attester is the actual platform on which the Workload is executed. The two Attesters have separate Supply Chains (one been the Workload Owner deploying the Workload) while the Platform is a different Supplier, say Intel TDX or Arm CC. Another deployment could be a Workload been trained on a GPU (via means of Integrated TEE) attached to a CPU, to create an end-to-end secure environment. How can one trust such a Workload, along with the CPU which is feeding the training data to it?? To trust a Composite Attester, through remote attestation one needs multiple Remote Attestation Verifiers, for example one coming from CPU Vendor the other from a GPU Vendor. How do the Verifiers coordinate? Are there topological patterns of coordination that can be standardized.

The presentation will highlight the Work done in IETF Standards & Open Source Project Veraison to highlight: 1. Composite Attesters 2. Remote Attestation though Multiple Verifiers 3. Open-Source Work done in Project Veraison to highlight how Composition of Attesters can be constructed in a standardized manner 4. Open Source Work done in Project Veraison to highlight how Multiple Verifiers can coordinate to produce a Combined Attestation Verdict for a Composite Attester.

Please see the following links- https://datatracker.ietf.org/doc/draft-richardson-rats-composite-attesters/

https://datatracker.ietf.org/doc/draft-deshpande-rats-multi-verifier/

Composition of Attesters using Concise Message Wrappers: Golang Implementation: https://github.com/veraison/cmw
Rust Implementation: https://github.com/veraison/rust-cmw

Attestation results required for constructing compositional semantics: Golang Implementation: https://github.com/veraison/ear

Rust Implementation: https://github.com/veraison/rust-ear

Verification of Composite Attesters - Arm-CCA https://github.com/veraison/services