[api]

> "it would allow you to securely run a VM in the cloud that is protected against someone who controls the hypervisor"

> Attestation uses an on-chip certificate signed by an AMD master key during fabrication.

This is absolutely fantastic for security in the cloud, but it is important to note that this will not protect against nation state level actors.

Rest assured that the USG will obtain the AMD master signing key with or without AMD's permission. Other nation states may do likewise. The rest will have to wait for a leak, and if that key is leaked this feature will become almost nonexistent.