Comment by microtonal

4 hours ago

Every Android system supports remote attestation. It's part of AOSP. Google just decided not to use it, because Play Integrity allows them to lock in phone manufacturers and force them (per leaked agreements) to preinstall a bunch of Google apps and require them to run Play Services and some other components privileged on the system.

Play Integrity checks if an app was tampered with. Hardware attestations can only guarantee a key's source and cannot be used to check app integrity.

  • I specifically referred to the remote attestation functionality in Play Integrity and that that can be replaced by AOSP's APIs, since the linked post is about remote attestation.

    Play Integrity actually does both and passing remote attestation is necessary to pass Play Integrity at the strong level. Remote attestation is used for this level, since a modified OS could fool DroidGuard.

    I'm sorry if my comment was not clear in what I was referring to.

Something being in AOSP doesn't mean your distro has to retain it. Besides, the world doesn't end on Android systems.