types/persist: add AttestationKey (#17281)
Extend Persist with AttestationKey to record a hardware-backed attestation key for the node's identity. Add a flag to tailscaled to allow users to control the use of hardware-backed keys to bind node identity to individual machines. Updates tailscale/corp#31269 Change-Id: Idcf40d730a448d85f07f1bebf387f086d4c58be3 Signed-off-by: Patrick O'Doherty <patrick@tailscale.com>
This commit is contained in:
Patrick O'Doherty
committed by
GitHub
GitHub
parent
a2dc517d7d
commit
e45557afc0
@@ -141,6 +141,10 @@ const (
|
||||
// It's a noop on other platforms.
|
||||
EncryptState Key = "EncryptState"
|
||||
|
||||
// HardwareAttestation is a boolean key that controls whether to use a
|
||||
// hardware-backed key to bind the node identity to this device.
|
||||
HardwareAttestation Key = "HardwareAttestation"
|
||||
|
||||
// PostureChecking indicates if posture checking is enabled and the client shall gather
|
||||
// posture data.
|
||||
// Key is a string value that specifies an option: "always", "never", "user-decides".
|
||||
|
||||
Reference in New Issue
Block a user