I've had three different teams reach out this week with the same core issue: their IronClaw 7k series servers are generating different TPM quote measurements for what should be identical, gold-master enclave images, simply after a host reboot. The measurements aren't wildly off, but the PCR 4 and 5 values are shifting slightly, which is enough to break our remote attestation pipeline.
This is causing a major headache for our compliance automation. If the known-good measurement isn't stable, we can't reliably scale attestation. We're having to maintain a list of "acceptable" measurements per physical host, which defeats the purpose of a uniform, automated trust root.
Before I escalate to their support, I wanted to check if this is a known configuration problem. We're using the latest firmware (2.1.8) and their documented `iclaunch` flags. Has anyone else run into this and found a fix? Is there a specific secure boot or TPM provisioning step we might have missed that would cause this non-determinism?
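One way to narrow this kind of drift down, as an added example that is not part of the original post: replay the TCG event log from two boots of the same host and report the first event at which PCR 4 or PCR 5 diverges. The logs below are constructed, and the code assumes real logs have already been parsed into `(pcr, event_type, digest)` tuples for the SHA-256 bank.

```python
import hashlib

def d(label: str) -> bytes:
    """Constructed stand-in for an event digest taken from a real log."""
    return hashlib.sha256(label.encode()).digest()

# Constructed logs for two boots of one host: (pcr, event_type, digest).
BOOT_A = [
    (4, "EV_EFI_ACTION", d("calling-efi-application")),
    (4, "EV_SEPARATOR", d("separator")),
    (4, "EV_EFI_BOOT_SERVICES_APPLICATION", d("loader")),
    (5, "EV_EFI_GPT_EVENT", d("gpt-table")),
    (5, "EV_EFI_ACTION", d("exit-boot-services")),
]
BOOT_B = [
    (4, "EV_EFI_ACTION", d("calling-efi-application")),
    (4, "EV_SEPARATOR", d("separator")),
    (4, "EV_EFI_BOOT_SERVICES_APPLICATION", d("extra-image")),  # extra event
    (4, "EV_EFI_BOOT_SERVICES_APPLICATION", d("loader")),
    (5, "EV_EFI_GPT_EVENT", d("gpt-table-changed")),            # changed digest
    (5, "EV_EFI_ACTION", d("exit-boot-services")),
]

def replay(log):
    """Recompute SHA-256 bank PCRs: new = SHA256(old || event_digest)."""
    pcrs = {}
    for pcr, _etype, digest in log:
        pcrs[pcr] = hashlib.sha256(pcrs.get(pcr, bytes(32)) + digest).digest()
    return pcrs

def drifting_pcrs(log_a, log_b):
    """PCR indices whose replayed values differ between the two boots."""
    a, b = replay(log_a), replay(log_b)
    return sorted(i for i in set(a) | set(b) if a.get(i) != b.get(i))

def first_divergence(log_a, log_b, pcr):
    """Return (position, event_a, event_b) of the first mismatch in one PCR."""
    a = [e for e in log_a if e[0] == pcr]
    b = [e for e in log_b if e[0] == pcr]
    for i in range(max(len(a), len(b))):
        ea = a[i] if i < len(a) else None
        eb = b[i] if i < len(b) else None
        if ea != eb:
            return i, ea, eb
    return None

if __name__ == "__main__":
    for pcr in drifting_pcrs(BOOT_A, BOOT_B):
        pos, ea, eb = first_divergence(BOOT_A, BOOT_B, pcr)
        print(f"PCR {pcr} diverges at event {pos}:", ea and ea[1], "vs", eb and eb[1])
```

The replayed values should also be compared against the PCR values in the signed quote, since the event log itself is not authenticated.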