On Thu, 2010-04-01 at 15:02 +1100, James Morris wrote:
On Wed, 31 Mar 2010, Eric Paris wrote:
> Simple answer is 'because Intel says so.' I'm sorry but I don't
think
> I'm allowed to divulge any reasons Intel may or may not have shared with
> Red Hat.
It seems odd to me that the full design and operation of a security
mechanism is not being made available, and that the reasons for this
are also not able to be divulged.
Note that an SINIT AC module was recently reverse engineered, found to be
buggy, and then used break TXT:
http://theinvisiblethings.blogspot.com/2009/12/another-txt-attack.html
I really hope the secrecy of the AC module is not part of its security
design.
In any case, I don't see any technical reason not to enable the option.
As far as I know the security of TXT in no way relies upon keeping the
SINIT module closed source.
--
Stephen Smalley
National Security Agency