Common use cases for key attestation are:

• Issuing code signing certificates for subscriber keys, verifying that the subscribers private signature key is generated and managed in an approved cryptographic device.
• Issuing digital signature certificate for subscriber keys, verifying that the subscribers private signature key is generated and managed in an approved cryptographic device.

There are other ways to achieve the same purpose, such as shipping hardware devices (USB tokens, smart cards, etc) to the subscriber, or requiring a formal audit of the key generation procedure from the subscriber. Using remote key attestation makes this process more efficient and possible to automate in a larger scale.

Sigstore root-signing - https://github.com/sigstore/root-signing/blob/main/playbooks/ORCHESTRATION.md

PIV Attestation - https://developers.yubico.com/PIV/Introduction/PIV_attestation.html

Reference

• https://pkic.org/remote-key-attestation/