dstack-capsule: Pod-Level Remote Attestation for Confidential Workloads on Kubernetes 事件

dstack-capsule: Pod-Level Remote Attestation for Confidential Workloads on Kubernetes arXiv:2606.03323v1 Announce Type: cross Abstract: The rise of LLM-as-a-Service and other confidential cloud workloads demands cryptographic proof that user data is processed in a trusted, untampered environment. Existing solutions, notably Confidential Containers (CoCo), enforce a strict "one Pod per VM" model that attests only the Guest OS stack, leaving container-level identity unverified and incurring prohi