Immutable container runtimes sounds powerful, however I don't see how it can be proved/enforced. Do you have any pointers to how they work? @aljaz do you know anything about this?
Login to reply
Replies (1)
Well container images are by definition immutable since you know what hash you are running on, if you pair that with remote attestation you get crypographically provable environment which is also the fundamental part of confidential computing