Boot-time vs. runtime integrity

Attestation proves what booted, not necessarily what's running now. Event logs, runtime measurements, and their limitations.

Trust assumption

A valid attestation quote tells you the initial state was correct. It says nothing about what happened after boot.

Content informed by: research/ — runtime measurement analysis and event log patterns.