Earlier this year, Intel announced that they will be shutting down their SGX IAS, which is the attestation service for older trusted execution technologies. Although the deadline of April 2025 may seem far away, migrations typically take longer than expected. Companies that have built their systems on SGX are now scrambling to switch to Intel TDX or AMD SEV. Unfortunately, these options aren't simple drop-in replacements because the APIs and security models differ. I noticed a lot of discussion about this in the community, especially since many production workloads relied on SGX due to its maturity. It's frustrating to have to rebuild critical infrastructure when a vendor decides to discontinue support. I'm curious to hear about the broader impact this had—how many production systems are still using SGX attestation and need to migrate?
2 Answers
This situation has been tough for anyone invested in confidential computing. The migration timeline has been challenging, especially considering the number of production systems running on SGX.
We faced this issue earlier this year too. We had about 200 nodes running on SGX and just wrapped up our migration last month. It was a nightmare!
200 nodes sounds like a major hassle! Did you end up going with TDX or AMD SEV?