Rewrite "chain of trust" section #3066
Conversation
✅ Deploy Preview for constellation-docs ready!
To edit notification comments on pull requests, go to your Netlify site configuration. |
There was a problem hiding this comment.
Reads much clearer now, thanks!
Not sure why vale is unhappy with "CLI's" and was happy with "CLI" before.
Maybe we need to add "CLI" to https://github.com/edgelesssys/constellation/blob/main/docs/styles/config/vocabularies/edgeless/accept.txt#L14
|
|
||
| When a cluster is [created](../workflows/create.md), the CLI automatically verifies the runtime measurements of the *first node* using remote attestation. Based on this, the CLI and the first node set up a temporary TLS connection. This [aTLS](#attested-tls-atls) connection is used for three things: | ||
| 1. The CLI sends the runtime measurements for the applicable node image to the first node. | ||
| 2. The first node sends the [master secret](../architecture/keys.md#master-secret) of the to-be-created cluster to the CLI. The master secret is generated by the first node. |
There was a problem hiding this comment.
I think this works the other way around CC @daniel-weisse.
In the init grpc proto, this field is called kms_uri.
constellation/bootstrapper/initproto/init.proto
Lines 17 to 18 in edc0c70
The CLI generates the master secret and sends it to the first node.
There was a problem hiding this comment.
Originally we generated the master secret on node, we no longer do this, so it should be
"The CLI sends the master secret to the first node"
Technically, we also send the runtime measurements to the first node later on once the Kubernetes is actually set up,.
Though at this point only a single node cluster exists, so the statement is still correct.
Its called kms_uri in the proto definition since we encode the secret in a URI to make it compatible with a yet-to-be-implemented KMS backend to keep and manage the secret
Co-authored-by: 3u13r <lc@edgeless.systems>
Co-authored-by: 3u13r <lc@edgeless.systems>
I rewrote the "Chain of trust" section to explain E2E how trust is established into a cluster. This is the first step of rewriting the entire attestation.md and potentially other parts of the docs.