Add an OID for attestation transparency. HRST-32 #436
Conversation
Attestation transparency information will be added to the certificate used for joining the cluster, so we need an OID for that purpose. This is being added on the 1.x branch because roche currently must be built with a 1.x version of sgx_pkix due to dependencies on dcap-ql version 3.3. dcap-ql can't be updated without updating mbedtls.
arai-fortanix
requested review from
jethrogb,
mzohreva,
Pagten,
Taowyoo and
raoulstrackx
|
bors retry |
1 similar comment
|
bors retry |
|
bors cancel |
1 similar comment
|
bors cancel |
|
bors r+ |
436: Add an OID for attestation transparency. HRST-32 r=Taowyoo a=arai-fortanix Attestation transparency information will be added to the certificate used for joining the cluster, so we need an OID for that purpose. This is being added on the 1.x branch because roche currently must be built with a 1.x version of sgx_pkix due to dependencies on dcap-ql version 3.3. dcap-ql can't be updated without updating mbedtls. Co-authored-by: Daniel Arai <daniel@fortanix.com>
|
Build failed: |
|
Is it fine to use The changes in #421 is not covered in |
|
Seems CI is blocked by jethrogb/pe-rs#6 , which is meet in #433 before. I fixed it by temporarily pin rust tool-chain version in: c10e404 |
|
I don't think the |
I see. You are correct. The path dependency does not affect the user of |
|
bors cancel |
|
bors r+ |
436: Add an OID for attestation transparency. HRST-32 r=arai-fortanix a=arai-fortanix Attestation transparency information will be added to the certificate used for joining the cluster, so we need an OID for that purpose. This is being added on the 1.x branch because roche currently must be built with a 1.x version of sgx_pkix due to dependencies on dcap-ql version 3.3. dcap-ql can't be updated without updating mbedtls. Co-authored-by: Daniel Arai <daniel@fortanix.com>
|
bors cancel |
|
Canceled. |
|
bors retry |
|
bors try |
|
bors r+ |
436: Add an OID for attestation transparency. HRST-32 r=arai-fortanix a=arai-fortanix Attestation transparency information will be added to the certificate used for joining the cluster, so we need an OID for that purpose. This is being added on the 1.x branch because roche currently must be built with a 1.x version of sgx_pkix due to dependencies on dcap-ql version 3.3. dcap-ql can't be updated without updating mbedtls. Co-authored-by: Daniel Arai <daniel@fortanix.com>
tryBuild succeeded: |
|
bors cancel |
|
Canceled. |
|
bors cancel |
|
bors r+ |
436: Add an OID for attestation transparency. HRST-32 r=arai-fortanix a=arai-fortanix Attestation transparency information will be added to the certificate used for joining the cluster, so we need an OID for that purpose. This is being added on the 1.x branch because roche currently must be built with a 1.x version of sgx_pkix due to dependencies on dcap-ql version 3.3. dcap-ql can't be updated without updating mbedtls. Co-authored-by: Daniel Arai <daniel@fortanix.com>
|
bors cancel |
|
Canceled. |
|
bors r+ |
|
Build succeeded:
|
| @@ -25,7 +25,8 @@ matrix: | |||
| - clang-11 | |||
| - musl-tools | |||
| rust: | |||
| - stable | |||
| # This need to change back to `nightly` after https://github.com/fortanix/rust-sgx/issues/433 is fixed | |||
There was a problem hiding this comment.
Can we please pin to a specific stable version instead
Attestation transparency information will be added to the certificate used for joining the cluster, so we need an OID for that purpose.
This is being added on the 1.x branch because roche currently must be built with a 1.x version of sgx_pkix due to dependencies on dcap-ql version 3.3. dcap-ql can't be updated without updating mbedtls.