Setting the policy to Enabled lets users use the hardware on Google Chrome OS devices to remotely attest its identity to the privacy CA through the Enterprise Platform Keys API using chrome.enterprise.platformKeys.challengeUserKey().
Setting the policy to Disabled or leaving it unset has calls to the API fail with an error code.
Registry Hive | HKEY_CURRENT_USER |
Registry Path | Software\Policies\Google\ChromeOS |
Value Name | AttestationEnabledForUser |
Value Type | REG_DWORD |
Enabled Value | 1 |
Disabled Value | 0 |