Secure creation of encrypted virtual machines from encrypted templates

US10181037B2 · US · B2

Patent metadata
Publication number: US-10181037-B2
Application number: US-201615347639-A
Country: US
Kind code: B2
Filing date: Nov 9, 2016
Priority date: Nov 14, 2014
Publication date: Jan 15, 2019
Grant date: Jan 15, 2019

How to read this patent

A practical reading order for non-experts. Skip the full description unless you need deep technical detail.

  1. Title

    What the patent document calls the invention.

  2. Abstract

    A short plain-language summary of the technical disclosure.

  3. Assignees and inventors

    Who owns or filed the patent and who is credited as inventor.

  4. Key dates

    Filing, priority, publication, and grant dates set the timeline.

  5. First independent claim

    The legal scope of protection — read this for what is actually claimed.

  6. CPC / IPC classifications

    Technology tags used to group this patent with similar filings.

  7. Citations and related patents

    Prior art links and similar publications in this corpus.

Abstract

Official abstract text for this publication.

Booting a machine in a secure fashion in a potentially unsecure environment. The method includes a target machine beginning a boot process. The method further includes the target machine determining that it needs provisioning data to continue booting. The target machine contacts a secure infrastructure to obtain the provisioning data. The target machine provides an identity claim that can be verified by the secure infrastructure. As a result of the secure infrastructure verifying the identity claim, the target machine receives a request from the secure infrastructure to establish a key sealed to the target machine. The target machine provides the established key to the secure infrastructure. The target machine receives the provisioning data from the secure infrastructure. The provisioning data is encrypted to the established key. The target machine decrypts the encrypted provisioning data, and uses the provisioning data to finish booting.

First claim

Opening claim text (preview).

What is claimed is:

1. In a computing environment, a method of booting a machine in a secure fashion in a potentially unsecure environment, the method comprising: a target machine beginning a boot process based on a template; the target machine determining that it needs provisioning data to continue booting; the target machine contacting a secure infrastructure to obtain the provisioning data; the target machine providing an identity claim that can be verified by the secure infrastructure; the target machine generating an established key sealed to the target machine; subsequent to providing the identity claim, the target machine providing the established key to the secure infrastructure; the target machine receiving the provisioning data from the secure infrastructure, wherein the provisioning data is encrypted to the established key; and the target machine decrypting the encrypted provisioning data, and using the provisioning data to verify that the template is acceptable for use in booting the target machine, and then using the provisioning data to finish booting the target machine.

2. The method of claim 1, wherein using the provisioning data to finish booting comprises using the provisioning data to connect to network storage to perform a network boot.

3. The method of claim 1, wherein using the provisioning data to finish booting comprises using the provisioning data to join a cluster of machines.

4. The method of claim 1, wherein using the provisioning data to finish booting comprises using the provisioning data to create a virtual machine (VM) on a host where the provisioning data comprises data for the VM.

5. The method of claim 1, wherein the method further includes: the target machine receiving the template, the template being encrypted; and the target machine re-encrypting the template to the target machine.

6. The method of claim 1, wherein the method further includes: the target machine receiving the template, the template being unencrypted; and the target machine encrypting the template to the target machine.

7. The method of claim 1, further comprising injecting secret data into the target machine after verifying that the template is acceptable for use in booting the target machine.

8. The method of claim 1, further comprising: receiving non-secret data to be injected into the target machine; determining that the non-secret data is data in a category of non-secret data that is allowed to be injected into the target machine; and as a result of the determining, injecting the non-secret data into the target machine.

9. A computing system comprising: one or more processors; and one or more storage device having stored computing executable instructions which are executable by the one or more processors to cause the computing system to implement a method of booting in a secure fashion in a potentially unsecure environment, wherein the computing system includes a target machine and wherein the method comprises: the target machine beginning a boot process based on a template; the target machine determining that it needs provisioning data to continue booting; the target machine contacting a secure infrastructure to obtain the provisioning data; the target machine providing an identity claim that can be verified by the secure infrastructure; the target machine generating an established key sealed to the target machine; subsequent to providing the identity claim, the target machine providing the established key to the secure infrastructure; the target machine receiving the provisioning data from the secure infrastructure, wherein the provisioning data is encrypted to the established key; and the target machine decrypting the encrypted provisioning data, and using the provisioning data to verify that the template is acceptable for use in booting the target machine, and then using the provisioning data to finish booting the target machine.

10. The computing system of claim 9, wherein using the provisioning data to finish booting comprises using the provisioning data to connect to network storage to perform a network boot.

11. The computing system of claim 9, wherein using the provisioning data to finish booting comprises using the provisioning data to join a cluster of machines.

12. The computing system of claim 9, wherein using the provisioning data to finish booting comprises using the provisioning data to create a virtual machine (VM) on a host where the provisioning data comprises data for the VM.

13. The computing system of claim 9, wherein the method further includes: the target machine receiving the template, the template being encrypted; and the target machine re-encrypting the template to the target machine.

14. The computing system of claim 9, wherein the method further includes: the target machine receiving the template, the template being unencrypted; and the target machine encrypting the template to the target machine.

15. The computing system of claim 9, further comprising injecting secret data into the target machine after verifying that the template is acceptable for use in booting the target machine.

16. The computing system of claim 9, further comprising: receiving non-secret data to be injected into the target machine; determining that the non-secret data is data in a category of non-secret data that is allowed to be injected into the target machine; and as a result of the determining, injecting the non-secret data into the target machine.

17. One or more computer readable physical storage media comprising computer executable instructions stored thereon that are executable by one or more processors of a computing system that includes a target machine to cause the target machine to implement a method of booting in a secure fashion in a potentially unsecure environment, wherein the method comprises: the target machine beginning a boot process based on a template; the target machine determining that it needs provisioning data to continue booting; the target machine contacting a secure infrastructure to obtain the provisioning data; the target machine providing an identity claim that can be verified by the secure infrastructure; the target machine generating an established key sealed to the target machine; subsequent to providing the identity claim, the target machine providing the established key to the secure infrastructure; the target machine receiving the provisioning data from the secure infrastructure, wherein the provisioning data is encrypted to the established key; and the target machine decrypting the encrypted provisioning data, and using the provisioning data to verify that the template is acceptable for use in booting the target machine, and then using the provisioning data to finish booting the target machine.

18. The computing system of claim 9, wherein using the provisioning data to finish booting comprises using the provisioning data to connect to network storage to perform a network boot and to join a cluster of machines.

19. The computing system of claim 9, wherein using the provisioning data to finish booting comprises using the provisioning data to create a virtual machine (VM) on a host where the provisioning data comprises data for the VM.

20. The computing system of claim 9, wherein the method further includes: the target machine receiving the template; and when the template is encrypted, the target machine re-encrypting the template to the target machine, or else, when the template is unencrypted
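The exchange described in the abstract and claim 1 (identity claim, a fresh key sealed to the target machine, provisioning data encrypted to that key, and the template check before the boot finishes) simulated end to end as an added example. This is not code from the patent or from its assignee. It assumes standard-library HMAC-SHA256 constructions as stand-ins for the TPM-bound asymmetric keys and AEAD cipher a real deployment would use: the identity claim is an HMAC over a challenge and the boot measurement under a pre-enrolled endorsement secret, and the established key is handed over under a per-session transport key instead of as a TPM public key. The machine id "host-01", the template id "web-tier-v3", the template bytes, the PCR values and the iSCSI target are constructed sample data.

```python
import hashlib
import hmac
import json
import secrets

def _subkey(key, label):
    return hmac.new(key, label, hashlib.sha256).digest()   # labelled sub-key (HKDF-expand style)

def _keystream_xor(key, nonce, data):
    """Counter-mode XOR with an HMAC-SHA256 keystream; encrypts and decrypts alike."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)

def encrypt(key, nonce, plaintext):
    """Encrypt-then-MAC under labelled sub-keys; returns (ciphertext, tag)."""
    ct = _keystream_xor(_subkey(key, b"enc"), nonce, plaintext)
    return ct, hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()

def decrypt(key, nonce, ct, tag):
    """Constant-time tag check before decryption; ValueError on mismatch."""
    expect = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(expect, tag):
        raise ValueError("integrity check failed")
    return _keystream_xor(_subkey(key, b"enc"), nonce, ct)

class SimulatedTPM:
    """Stand-in TPM: device-unique endorsement secret plus the boot chain's measurement (PCR) digest."""
    def __init__(self, endorsement_secret, pcr_digest):
        self._ek, self.pcr_digest = endorsement_secret, pcr_digest
    def quote(self, nonce):
        """Identity claim over the challenge and the current measurement."""
        return hmac.new(self._ek, b"quote" + nonce + self.pcr_digest, hashlib.sha256).digest()
    def transport_key(self, nonce):
        return _subkey(self._ek, b"transport" + nonce)
    def seal(self, secret):
        """Bind a secret to the current PCR state; unseal fails once that state changes."""
        nonce = secrets.token_bytes(16)
        ct, tag = encrypt(_subkey(self._ek, b"seal" + self.pcr_digest), nonce, secret)
        return nonce + ct + tag
    def unseal(self, blob):
        try:
            return decrypt(_subkey(self._ek, b"seal" + self.pcr_digest), blob[:16], blob[16:-32], blob[-32:])
        except ValueError:
            raise PermissionError("unseal refused: boot measurement changed")

class SecureInfrastructure:
    """Registry of enrolled devices, approved measurements and approved templates."""
    def __init__(self):
        self.enrolled, self.approved_pcrs = {}, set()   # machine_id -> endorsement secret; allowed PCR digests
        self.templates, self._sessions = {}, {}          # template id -> (sha256, data); nonce -> machine_id
    def challenge(self):
        return secrets.token_bytes(16)
    def verify_identity_claim(self, nonce, machine_id, pcr_digest, quote):
        ek = self.enrolled.get(machine_id, b"")          # unknown machine: empty key, claim cannot verify
        expect = hmac.new(ek, b"quote" + nonce + pcr_digest, hashlib.sha256).digest()
        if not hmac.compare_digest(expect, quote):
            raise PermissionError("identity claim failed")
        if pcr_digest not in self.approved_pcrs:
            raise PermissionError("boot measurement not approved")
        self._sessions[nonce] = machine_id
        return "establish a key sealed to the target machine"   # the request named in the abstract
    def release_provisioning(self, nonce, template_id, key_ct, key_tag):
        machine_id = self._sessions.pop(nonce, None)     # each challenge is single-use
        if machine_id is None:
            raise PermissionError("no verified session for this challenge")
        established = decrypt(_subkey(self.enrolled[machine_id], b"transport" + nonce), nonce, key_ct, key_tag)
        digest, data = self.templates[template_id]
        pnonce = secrets.token_bytes(16)
        payload = json.dumps({"template_sha256": digest, **data}).encode()
        return (pnonce, *encrypt(established, pnonce, payload))   # encrypted to the established key

class TargetMachine:
    def __init__(self, machine_id, tpm, template):
        self.machine_id, self.tpm, self.template = machine_id, tpm, template
        self.sealed_key = None
    def boot(self, infra, template_id):
        """The claim-1 sequence; returns the provisioning data once the template checks out."""
        nonce = infra.challenge()                        # boot from the template stalls: needs provisioning
        infra.verify_identity_claim(nonce, self.machine_id, self.tpm.pcr_digest, self.tpm.quote(nonce))
        established = secrets.token_bytes(32)            # fresh key, kept on disk only in sealed form
        self.sealed_key = self.tpm.seal(established)
        key_ct, key_tag = encrypt(self.tpm.transport_key(nonce), nonce, established)
        pnonce, ct, tag = infra.release_provisioning(nonce, template_id, key_ct, key_tag)
        data = json.loads(decrypt(self.tpm.unseal(self.sealed_key), pnonce, ct, tag))
        if not hmac.compare_digest(hashlib.sha256(self.template).hexdigest(), data["template_sha256"]):
            raise PermissionError("template rejected: digest differs from provisioning data")
        return data                                      # finish booting with the released data

def build_demo():
    """Constructed sample deployment: one enrolled host, one approved boot measurement, one template."""
    template = b"constructed VHD template bytes"
    ek, pcr = secrets.token_bytes(32), hashlib.sha256(b"approved boot chain").digest()
    infra = SecureInfrastructure()
    infra.enrolled["host-01"], infra.approved_pcrs = ek, {pcr}
    infra.templates["web-tier-v3"] = (hashlib.sha256(template).hexdigest(),
        {"storage_target": "iscsi://storage.example.internal/web", "cluster_join_token": secrets.token_hex(8)})
    return infra, ek, pcr, template
```

Running `TargetMachine("host-01", SimulatedTPM(ek, pcr), template).boot(infra, "web-tier-v3")` on the output of `build_demo()` returns the provisioning dictionary; a host with an unapproved measurement or an unenrolled id is refused before any key is requested, a tampered template is rejected only after decryption (the ordering claim 1 spells out), and the sealed key stops unsealing as soon as the PCR digest changes, which is what keeps a cloned or modified host from reusing it. A production design would keep the private half of the established key inside the TPM and send only its public part, so the transport encryption used here would not be needed.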

Assignees

Microsoft Technology Licensing LLC

Inventors

Classifications

  • G06F9/4416 (primary): Network booting; Remote initial program loading [RIPL] (CPC title)

  • G06F21/575 (primary): Secure boot (CPC title)

  • Test or assess a computer or a system (CPC title)

  • Creating, deleting, cloning virtual machine instances (CPC title)

  • wherein the data content is protected, e.g. by encrypting or encapsulating the payload (CPC title)

Patent family

Related publications grouped by family.

External sources

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US10181037B2 cover?
Booting a machine in a secure fashion in a potentially unsecure environment. The method includes a target machine beginning a boot process. The method further includes the target machine determining that it needs provisioning data to continue booting. The target machine contacts a secure infrastructure to obtain the provisioning data. The target machine provides an identity claim that can be ve…
Who is the assignee on this patent?
Microsoft Technology Licensing LLC
What technology area does this patent fall under?
Primary CPC classification G06F9/4416. Mapped technology areas include Physics.
When was this patent published?
Publication date Jan 15, 2019 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 12 related publications on this page (citations in our corpus or others sharing the same primary CPC).