## Attendees - [ ] @ansasaki - [ ] @aplanas - [ ] @deeglaze - [ ] @edwards-n - [ ] @ematery - [ ] @galmasi - [ ] @husky-parul - [ ] @Isaac-Matthews - [ ] @kkaarreell - [ ] @maugustosilva - [ ] @mayaCostantini - [ ] @marcostork - [ ] @mdrocco - [ ] @mbestavros - [ ] @mheese - [ ] @mruffin - [ ] @mpeters - [ ] Niteesh Dubey - [ ] @ruocco - [ ] @stringlytyped - [ ] @stefanberger - [ ] @THS-on - [ ] @tpletcher-hpe - [ ] @tylerfanelli - [ ] @ueno - [ ] @sarroutbi - [ ] @sergio-correia - [ ] @gnurugs - [ ] Shiva Dasari - [ ] Christian Schilling Time: 23/07/2025 15:00 UTC (https://www.timeanddate.com/worldclock/fixedtime.html?msg=Keylime+Meeting\&iso=20250723T15) Google Meet joining info Video call link: [https://meet.google.com/nos-bkdi-cnn](https://meet.google.com/nos-bkdi-cnn) Or dial: (DE) +49 30 300195060 PIN: 607 390 654 8381\# More phone numbers: [https://tel.meet/nos-bkdi-cnn?pin=6073906548381](https://tel.meet/nos-bkdi-cnn?pin=6073906548381) Or join via SIP: sip:6073906548381@gmeet.redhat.com ## Topics * Push model updates * `#keylime-push-attestation` channel on [CNCF Slack](https://slack.cncf.io) * Publicly accessible project: [https://github.com/orgs/keylime/projects/5](https://github.com/orgs/keylime/projects/5) * We achieved a big milestone: a complete attestation * Next steps: * Make the attestation continuous * Make the agent resilient to common network issues * Keylime and Post-Quantum Cryptography * Mentorship project CMW, EAT in collaboration with Veraison * [https://github.com/veraison/.github/issues/6](https://github.com/veraison/.github/issues/6) * Enhancements: * One shot attestation: [https://github.com/keylime/enhancements/pull/122](https://github.com/keylime/enhancements/pull/122) * Enhancement merged, [implementation proposed #1753](https://github.com/keylime/keylime/pull/1753) * TEE Boot Attestation: [https://github.com/keylime/enhancements/pull/108](https://github.com/keylime/enhancements/pull/108) * Closed as it became stale. A new related en hancement proposal was created * 123_verifier_evidence_types[https://github.com/keylime/enhancements/pull/124](https://github.com/keylime/enhancements/pull/124) * Newly open, about supporting other evidences types in the one-shot attestation endpoint * 126_verify_evidence_jwt https://github.com/keylime/enhancements/pull/127 * Add JWT format response for the one-shot attestation endpoint * Adding enhancement #98 for SPIRE integration[https://github.com/keylime/enhancements/pull/100](https://github.com/keylime/enhancements/pull/100) * Merged, implementation in https://github.com/keylime/spire-keylime-plugin * Open PRs: * Keylime: * [**#1781** - fix: resolve extreme line-too-long violations in keylime/tenant.py](https://github.com/keylime/keylime/pull/1781) * [**#1780** - Fix minor typo (exponantial->exponential)](https://github.com/keylime/keylime/pull/1780) * [**#1777** - Add support for CMW evidence format - server side](https://github.com/keylime/keylime/pull/1777) * [**#1753** - Initial version of verify evidence enhancement](https://github.com/keylime/keylime/pull/1753) * [**#1731** - Push authentication](https://github.com/keylime/keylime/pull/1731) * [**#1715** - Allow separate CA and logging configurations for components](https://github.com/keylime/keylime/pull/1715) * [**#1693** - Add agent-driven (push) attestation protocol](https://github.com/keylime/keylime/pull/1693) * [**#1670** - Add webhook for receiving and modifying registrar identity trust decisions](https://github.com/keylime/keylime/pull/1670) * [**#1668** - Add support for EK Certificate Chain, resolves #1552](https://github.com/keylime/keylime/pull/1668) * [**#1545** - Add support for a reject list in runtime policy](https://github.com/keylime/keylime/pull/1545) * Agent: * [**#1061** - Groom code (remove dead code)](https://github.com/keylime/rust-keylime/pull/1061) * [**#1051** - add support for CMW evidence format - agent side](https://github.com/keylime/rust-keylime/pull/1051) * [**#1043** - build(deps): bump clap from 4.5.39 to 4.5.41](https://github.com/keylime/rust-keylime/pull/1043) * [**#1027** - build(deps): bump pest from 2.8.0 to 2.8.1](https://github.com/keylime/rust-keylime/pull/1027) * [**#1025** - build(deps): bump actix-web from 4.10.2 to 4.11.0](https://github.com/keylime/rust-keylime/pull/1025) * [**#1023** - build(deps): bump cfg-if from 1.0.0 to 1.0.1](https://github.com/keylime/rust-keylime/pull/1023) * [**#1015** - build(deps): bump openssl from 0.10.72 to 0.10.73](https://github.com/keylime/rust-keylime/pull/1015) * [**#986** - Update rust-config to 0.15](https://github.com/keylime/rust-keylime/pull/986) * [**#658** - Remove deprecated zmq revocation notification feature](https://github.com/keylime/rust-keylime/pull/658)
Attendees
Time: 23/07/2025 15:00 UTC (https://www.timeanddate.com/worldclock/fixedtime.html?msg=Keylime+Meeting\&iso=20250723T15)
Google Meet joining info
Video call link: https://meet.google.com/nos-bkdi-cnn
Or dial: (DE) +49 30 300195060 PIN: 607 390 654 8381#
More phone numbers: https://tel.meet/nos-bkdi-cnn?pin=6073906548381
Or join via SIP: sip:6073906548381@gmeet.redhat.com
Topics
#keylime-push-attestationchannel on CNCF Slack