Closed
Description
This is mostly in the interest of keeping myself from adding features that aren't additive and is motivated by #1820. That PR adds some code to improve our seeding strategy. This includes passing a seed derived from the DICE measured boot through the stage0-handoff memory region to the RNG task. We want this feature enabled by default and to require app.toml files to explicitly disable this feature given its relevance to security & cryptography stuff. It's possible to accomplish this w/ a feature that removes the functionality but cargo discourages this. #1820 seems like enough of a reason to see if we can do this w/o too much work.