From af4e41a88980cd81557b498775a4e331944e8263 Mon Sep 17 00:00:00 2001 From: Philipp Winter Date: Mon, 1 May 2023 16:05:30 -0500 Subject: [PATCH 1/2] Archive the brave/nitriding repository. --- README.md | 60 +++---------------------------------------------------- 1 file changed, 3 insertions(+), 57 deletions(-) diff --git a/README.md b/README.md index 927a527..7adddeb 100644 --- a/README.md +++ b/README.md @@ -1,58 +1,4 @@ -
- Nitriding logo -
+# This repository is unmaintained ---- - -[![GoDoc](https://pkg.go.dev/badge/github.com/brave/nitriding?utm_source=godoc)](https://pkg.go.dev/github.com/brave/nitriding) - -This Go tool kit makes it possible to run your application inside an -[AWS Nitro Enclave](https://aws.amazon.com/ec2/nitro/nitro-enclaves/). -Let's assume that you built a Web service in Rust. You can now use nitriding to -move your Rust code into a secure enclave, making it possible for your users to -remotely verify that you are in fact running the code that you claim to run. -Nitriding provides the following features: - -* Automatically obtains an HTTPS certificate (either self-signed or via - [Let's Encrypt](https://letsencrypt.org)) - for clients to securely connect to your enclave over the Internet. Nitriding - can act as a TLS-terminating reverse HTTP proxy for your application, so your - application does not have to deal with obtaining certificates. - -* Automatically exposes an HTTPS endpoint for remote attestation. After having - audited your enclave's source code, your users can conveniently verify the - enclave's image by using a tool like - [verify-enclave](https://github.com/brave-experiments/verify-enclave) - and running: - - ``` - make verify CODE=/path/to/code/ ENCLAVE=https://enclave.com/enclave/attestation - ``` - -* Are you building an application that uses a protocol other than HTTP? If so, - nitriding makes it possible to register a hash over your application's public - key material which is subsequently included in the - [attestation document](https://docs.aws.amazon.com/enclaves/latest/user/nitro-enclave-concepts.html#term-attestdoc). - This allows your users to verify that their connection is securely terminated - inside the enclave, regardless of the protocol that you are using. - -* Provides an API to scale enclave applications horizontally while synchronizing - state between enclaves. - -* AWS Nitro Enclaves only provide a highly constrained - [VSOCK channel](https://docs.aws.amazon.com/enclaves/latest/user/nitro-enclave-concepts.html#term-socket) - between the enclave and its host. Nitriding creates TAP interface inside the - enclave, allowing your application to transparently access the Internet - without having to worry about VSOCK, port forwarding, or tunneling. - -* Automatically initializes the enclave's entropy pool using the Nitro - hypervisor. - -To learn more about nitriding's trust assumptions, architecture, and build -system, take a look at our [research paper](https://arxiv.org/abs/2206.04123). - -## More documentation - -* [How to use nitriding](doc/usage.md) -* [System architecture](doc/architecture.md) -* [Example application](example/) +Development on this project is continuing under +[nitriding-daemon](https://github.com/brave/nitriding-daemon). From 54031569858c5e1ee7a7b2df04470d63d22db436 Mon Sep 17 00:00:00 2001 From: Philipp Winter Date: Mon, 1 May 2023 16:21:47 -0500 Subject: [PATCH 2/2] Relax security policy because repo is archived. --- SECURITY.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/SECURITY.md b/SECURITY.md index 1408b2b..e25a5aa 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -2,7 +2,8 @@ ## Supported Versions -All versions including and above the current stable release version number. +No versions in this repository as it is archived. +Refer instead to https://github.com/brave/nitriding-daemon. ## Reporting a Vulnerability