Extend README and configuration documentation. #24
This commit elaborates on nitriding's features, documents the purpose of our configuration variables, and explains what tooling is necessary to get the example application to work.
Good improvements to clarity. Thanks for writing documentation!
// Debug can be set to true to see debug messages, i.e., if you are | ||
// starting the enclave in debug mode by running: |
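Review bot: in the Debug comment, "i.e." makes "see debug messages" and "starting the enclave in debug mode" read as the same thing. If Debug is only meant to be set when the enclave is started in debug mode, say that directly in the comment, and state what the field should be set to in every other case.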
It would be nice if the framework could ask the supervisor if it's in debug mode, but I don't see an interface for that.
One could implement this by asking for an attestation document and checking if its PCR values are all zeroed out. I filed https://github.com/brave/nitriding/issues/25 for this.
Ah, clever!
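The check proposed in this thread, as an added Go example that is not nitriding's code or part of this PR. It assumes the attestation document's PCR map has already been decoded into a `map[uint][]byte` and that PCRs are 48-byte SHA-384 values; `inDebugMode`, `samplePCRs` and `pcrLen` are hypothetical names.

```go
package main

import "fmt"

// pcrLen assumes SHA-384 PCRs (48 bytes), the digest Nitro Enclaves use.
const pcrLen = 48

// inDebugMode reports whether every PCR is zeroed out, the debug-mode signal
// proposed in the thread. pcrs is assumed to be the already-decoded "pcrs"
// map of an attestation document (decoding is out of scope here). Malformed
// input returns an error so callers can fail closed and keep debug output off.
func inDebugMode(pcrs map[uint][]byte) (bool, error) {
	if len(pcrs) == 0 {
		return false, fmt.Errorf("attestation document contains no PCRs")
	}
	allZero := true
	for idx, val := range pcrs {
		if len(val) != pcrLen {
			return false, fmt.Errorf("PCR%d: got %d bytes, want %d", idx, len(val), pcrLen)
		}
		for _, b := range val {
			if b != 0 {
				allZero = false
				break
			}
		}
	}
	return allZero, nil
}

// samplePCRs returns constructed input: 16 zeroed PCRs, with PCR0 made
// non-zero when measured is true, as in an enclave not run in debug mode.
func samplePCRs(measured bool) map[uint][]byte {
	pcrs := make(map[uint][]byte, 16)
	for i := uint(0); i < 16; i++ {
		pcrs[i] = make([]byte, pcrLen)
	}
	if measured {
		pcrs[0][0] = 0xab
	}
	return pcrs
}

func main() {
	for _, measured := range []bool{false, true} {
		debug, err := inDebugMode(samplePCRs(measured))
		fmt.Printf("measured=%v debug=%v err=%v\n", measured, debug, err)
	}
}
```

Returning an error for an empty or malformed PCR map, rather than `false`, lets the caller distinguish "not in debug mode" from "could not tell" and leave debug logging disabled in the second case.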
// 2) your enclave application makes HTTP requests over the Internet. | ||
// If so, set SOCKSProxy to "socks5://127.0.0.1:1080". |
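Review bot: the SOCKSProxy comment gives "socks5://127.0.0.1:1080" without saying what listens on that address, so a reader cannot tell whether the port has to be coordinated with anything outside the enclave. Name the listener in the comment and say whether the port is expected to be changed.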
Maybe mention this port number must match the one given to viproxy on the host instance?
It actually doesn't have to because this variable only controls the in-enclave IP-to-VSOCK proxy. There's a viproxy instance running on both the host and inside the enclave. We should probably remove this variable from the config struct because it's confusing and there aren't many good reasons to change it.