Date: Fri, 7 Jul 2023 19:05:29 +0100
On Fri, 7 Jul 2023, 18:11 1one1 via Std-Proposals, <
std-proposals_at_[hidden]> wrote:
>
> **Document number**: PXXXXR0
> **Date**: 2023-07-07
> **Project**: Programming Language C++
> **Reply to**: ahshabazz
>
> # Proposal to introduce a Hardware Security Namespace to the C++ Standard
> Library
>
> ## Introduction
>
> This paper proposes the addition of a new hardware security namespace to
> the C++ Standard Library to allow developers to better leverage
> hardware-level security features in a platform-independent manner. This
> proposal is intended as a high level architecture agnostic secure compute
> model because as of today both Intel, AMD, and many other vendors have
> introduced various security measures in their hardware, such as Intel's
> Software Guard Extensions (SGX). An API in the C++ standard for these
> features could provide developers with the tools to ensure secure
> computation and data protection.
>
Does this API actually fit with how SGX works? You haven't bothered to
explain that.
Will it also work for other possible hardware extensions on other
processors, or will it only be suitable for x86? If the latter, it doesn't
belong in the standard. If the former, how do you know? Have you researched
it? Why didn't the proposal mention anything about it?
What will the proposed features do if run on ARM hardware? Our older Intel
hardware without SGX support? Or new Intel hardware with SGX disabled?
This is not a proposal for adding anything to the standard, it's half an
idea.
std-proposals_at_[hidden]> wrote:
>
> **Document number**: PXXXXR0
> **Date**: 2023-07-07
> **Project**: Programming Language C++
> **Reply to**: ahshabazz
>
> # Proposal to introduce a Hardware Security Namespace to the C++ Standard
> Library
>
> ## Introduction
>
> This paper proposes the addition of a new hardware security namespace to
> the C++ Standard Library to allow developers to better leverage
> hardware-level security features in a platform-independent manner. This
> proposal is intended as a high level architecture agnostic secure compute
> model because as of today both Intel, AMD, and many other vendors have
> introduced various security measures in their hardware, such as Intel's
> Software Guard Extensions (SGX). An API in the C++ standard for these
> features could provide developers with the tools to ensure secure
> computation and data protection.
>
Does this API actually fit with how SGX works? You haven't bothered to
explain that.
Will it also work for other possible hardware extensions on other
processors, or will it only be suitable for x86? If the latter, it doesn't
belong in the standard. If the former, how do you know? Have you researched
it? Why didn't the proposal mention anything about it?
What will the proposed features do if run on ARM hardware? Our older Intel
hardware without SGX support? Or new Intel hardware with SGX disabled?
This is not a proposal for adding anything to the standard, it's half an
idea.
Received on 2023-07-07 18:05:45