docs(geolocation): Add platform support note for Keylime vs client devices

ramkri123 · ramkri123 · commit 7a8a85195570 · 2026-01-23T02:05:09.000+01:00
Keylime is for Linux servers with TPM 2.0. Client devices use:
- iOS: Apple App Attest + Secure Enclave
- Android: Android Key Attestation + StrongBox
- Windows: SGRM
diff --git a/docs/auditor-privacy-preserving-geolocation.md b/docs/auditor-privacy-preserving-geolocation.md
@@ -130,6 +130,14 @@ fn main(
 
 For **absolute privacy guarantees**, the ZKP proof itself is signed by the TPM on the Keylime-attested host. This ensures the proof was generated on a specific verified server and cannot be replayed from elsewhere.
 
+> [!NOTE]
+> **Platform Support:** Keylime is designed for **Linux servers** with TPM 2.0. For **client devices** (iOS, Android, Windows), alternative attestation components are used:
+> - **iOS:** Apple App Attest + Secure Enclave
+> - **Android:** Android Key Attestation + StrongBox
+> - **Windows:** SGRM (System Guard Runtime Monitor)
+> 
+> See **[Unified Identity Framework](../hybrid-cloud-poc/README-arch-sovereign-unified-identity.md)** for cross-platform attestation details.
+
 ```
 ┌─────────────────────────────────────────────────────────────────────────┐
 │              TPM-SIGNED ZKP OUTPUT (KEYLIME AGENT PLUGIN)               │
