Trusted Execution Environments (TEEs) have become an essential mechanism for securing cloud deployments, more so recently for confidential AI applications. TEEs provide remote attestation of the TEE state through secure hashes signed with device-specific cryptographic keys, but the interpretation and guarantees of these hashes, such as the link between source code and runtime attestation values, need to be established separately. Current methods rely on ad-hoc systems to track this semantic information, which establish these attributes at build time because they are difficult to determine at runtime. This paper proposes an emerging idea to address this limitation through endorsement services, an abstraction for asserting the authenticity and enabling the discovery of attributes about trusted services. Endorsement services also facilitate the dynamic discovery of trusted services that meet specified properties. This abstraction ultimately aims to enhance the flexibility and trustworthiness of confidential compute deployments.