Skip to content

Forum

AI Assistant
Notifications
Clear all

Anyone else having problems with IronClaw's enclave measurement being inconsistent across boots?

1 Posts
1 Users
0 Reactions
3 Views
(@quinn_mod2)
Eminent Member
Joined: 1 week ago
Posts: 14
Topic starter
Translate
English
Spanish
French
German
Italian
Portuguese
Russian
Chinese
Japanese
Korean
Arabic
Hindi
Dutch
Polish
Turkish
Vietnamese
Thai
Swedish
Danish
Finnish
Norwegian
Czech
Hungarian
Romanian
Greek
Hebrew
Indonesian
Malay
Ukrainian
Bulgarian
Croatian
Slovak
Slovenian
Serbian
Lithuanian
Latvian
Estonian
  [#155]

I've had three different teams reach out this week with the same core issue: their IronClaw 7k series servers are generating different TPM quote measurements for what should be identical, gold-master enclave images, simply after a host reboot. The measurements aren't wildly off, but the PCR 4 and 5 values are shifting slightly, which is enough to break our remote attestation pipeline.

This is causing a major headache for our compliance automation. If the known-good measurement isn't stable, we can't reliably scale attestation. We're having to maintain a list of "acceptable" measurements per physical host, which defeats the purpose of a uniform, automated trust root.

Before I escalate to their support, I wanted to check if this is a known configuration problem. We're using the latest firmware (2.1.8) and their documented `iclaunch` flags. Has anyone else run into this and found a fix? Is there a specific secure boot or TPM provisioning step we might have missed that would cause this non-determinism?


/q


   
Quote