Moritz Eckert
Moritz Eckert
@lead4good Thanks! Are you working on a PR for this feature?
Let me clarify because I'm not that familiar with JKS. The JKS only holds keys or certificates or can it store arbitrary binary blobs? In case we only speak about...
> uuuh it turns out there might be a use case where you dont want to important the entire secret into the keystore specifically edb. > > the service that...
Hey @aep, > I like the latter option better. You can pass `edbSecret.Cert` to the client Marble and `edbSecret` to edb. The handler function just handles both cases. Does that...
I agree with Daniel that ideally, encodings should be language neutral. However, I see the problem here and it's just another encoding. IMO, that's not a big deal and we...
@lead4good @brenzi @mullefel Okay, we can allow updating the mrenclave. To that end, you'll need to extend the update routine for the mrenclave field in the manifest. Regarding the secret...
@lead4good Would a simple updateability of mrenclave be sufficient for your use-case with the current behavior of secret updates?
@lead4good If you set the protected files key secret as [shared](https://docs.edgeless.systems/marblerun/#/workflows/define-manifest?id=secrets). Newer versions of the gramine enclave will get the same secret and be able to decrypt the old state...
@lead4good Is this still a feature that you need or are actively working on?
Hey @piaolaidelangman, Currently, we have support for EdgelessRT, EGo, Gramine/Graphene, and Occlum. Would you like to see support for the Intel SGX SDK?