On 06/24/2011 03:24 AM, Gregory Maxwell wrote:
> On Fri, Jun 24, 2011 at 4:07 AM, Rahul Sundaram
> <metherid(a)gmail.com> wrote:
>> If you have *specific* concerns, let's hear those. You seem to just
>> be quoting parts of a public wiki page anyone can read. I don't see the
>> point of that
> If trusted boot in Fedora is widely deployed, then $random_things may
> demand I use a particular Fedora kernel in order to access them. Both
> handicapping my personal freedom to tinker with my own computer by
> imposing new costs on it, and hampering the Fedora project by creating
> additional friction against upgrades.
> ("Sorry, I can't upgrade to the new kernel to test that, because then
> I won't be able to watch Netflix!")
Would it be possible or practical to ship tboot in Fedora with the
user-serving protections enabled - verifying the kernel/initrd for
secure disk encryption, for instance - but disabling remote attestation
and similar features in the default configuration?
If there's a way that I can harness the TPM to ensure the integrity of
my boot path - and it is sufficiently transparent that I am confident of
what it is doing, and can build and sign my own kernels if desired - I
would be interested in that. However, I appreciate (and largely agree
with) Gregory's concerns about being an enabler for a broader restricted
computing ecosystem.
- Michael