Comment 20 for bug 1456228

I understand that it has been conclude that nova is not the place to address this security issue from above discussions.. However documenting will not make this issue goes away, while it actually probable give a clue to people who really want to compromise a trusted host..

Can anyone shed some lights on, which component should perform such check so a VM that are supposed on trusted host only can't not be powered on on a compromised host, especially in this case attestation server has already figured out the hose is no longer trusted?