[RFC][Proposal] : Plugin API for provisioning CA secrets from external PKIs/Key servers

[avalluri]

Currently, for CA provisiong (non selfsign case) the TCS is instantiate a QutoeAttestation CR with the SGX quote details and, depends on an attestation controller to reconcile the CR and provision the issuer CA secrets to the enclave. Attestation controller uses the configured key server plugin(s) to validate the quote and fetching the encrypted secret from the key server. There are a few caveats in this design:

• The TCS enclave quote exposed in the QuoteAttestation CR can be read or altered by som maliciaou application which has the appropriate permission. This could happen in a cluster where access QuoteAttestation CR is not protected by the appropriate RBAC rules.
• Some malicious enclave application initiates the attestation request with it's own quote and public-key, and could steal the CA secrets.
• Unnecessary additional Kubernetes instance with sensitive data (quote), which could be avoided.

Instead, I would like to propose that , the TCS itself provides a gRPC plugin API for attestation and secret provisioning. Key severs can integrated by implementing this API. And the plugin has to run as sidecar to TCS container and exposes the plugin service over UNIX domain socket. So in this case the quote is shared in secure channel to the plugin.

[avalluri]

• @ipuustin, @irisdingbj , @poussa