Trusted Boot in Fedora

http://fedoraproject.org/wiki/Features/Trusted_Boot is a proposed feature for F16. We've traditionally had a hard objection to the functionality because it required either the distribution or downloading of binary code that ran on the host CPU, but it seems that there'll shortly be systems that incorporate the appropriate sinit blob in their BIOS, which is a boundary we've traditionally been fine with. However, this is the kind of feature that has a pretty significant impact on the distribution as a whole. Fesco decided that we should probably have a broader discussion about the topic. The most obvious issues are finding a sensible way to incorporate this into Anaconda, but it's also then necessary to make sure that bootloader configuration is updated appropriately. Outside that, is there any other impact? Does tboot perform any verification of the kernels, and if so how is that configured? Is the expectation that an install configured with TXT will only boot trusted kernels, and if so what mechanism is used to verify the kernel? Is there any further integration work that has to be performed for this to be useful? -- Matthew Garrett | mjg59(a)srcf.ucam.org