Git-Mirrors/constellation
1
0
Fork 0
mirror of https://github.com/edgelesssys/constellation.git synced 2024-09-19 15:56:03 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update docs (#2982)

Browse Source 
Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>
This commit is contained in:
Adrian Stobbe 2024-03-13 14:09:51 +01:00 committed by GitHub
parent 85b44f7f57
commit 1334b84c2e
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
3 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
README.md
View File

@ -33,7 +33,7 @@ Encrypting your K8s is good for:
### 🔒 Everything always encrypted
* Runtime encryption: All nodes run inside AMD SEV-based Confidential VMs (CVMs). Support for Intel TDX will be added in the future.
* Runtime encryption: All nodes run inside Confidential VMs (CVMs) based on AMD SEV or Intel TDX.
* Transparent encryption of network: All [pod-to-pod traffic is automatically encrypted][network-encryption]
* Transparent encryption of storage: All writes to persistent storage are automatically encrypted.
This includes [nodes' state disks][storage-encryption], [persistent volumes via CSI][csi], and [S3 object storage][s3proxy].

2
docs/docs/architecture/attestation.md
View File

@ -346,7 +346,7 @@ A user can [verify](../workflows/verify-cluster.md) this statement and compare t
So far, this page described how an entire Constellation cluster can be verified using hardware attestation capabilities and runtime measurements.
The last missing link is how the ground truth in the form of runtime measurements can be securely distributed to the verifying party.
The build process of Constellation images also creates the ground truth runtime measurements. <!-- soon: The builds of Constellation images are reproducible and the measurements of an image can be recalculated and verified by everyone. -->
The build process of Constellation images also creates the ground truth runtime measurements. The builds of Constellation images are reproducible and the measurements of an image can be recalculated and verified by everyone.
With every release, Edgeless Systems publishes signed runtime measurements.
The CLI executable is also signed by Edgeless Systems.

2
docs/versioned_docs/version-2.16/architecture/attestation.md
View File

@ -346,7 +346,7 @@ A user can [verify](../workflows/verify-cluster.md) this statement and compare t
So far, this page described how an entire Constellation cluster can be verified using hardware attestation capabilities and runtime measurements.
The last missing link is how the ground truth in the form of runtime measurements can be securely distributed to the verifying party.
The build process of Constellation images also creates the ground truth runtime measurements. <!-- soon: The builds of Constellation images are reproducible and the measurements of an image can be recalculated and verified by everyone. -->
The build process of Constellation images also creates the ground truth runtime measurements. The builds of Constellation images are reproducible and the measurements of an image can be recalculated and verified by everyone.
With every release, Edgeless Systems publishes signed runtime measurements.
The CLI executable is also signed by Edgeless Systems.