From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mailman by lists.gnu.org with archive (Exim 4.43) id 1LaswO-0003Br-LA for mharc-grub-devel@gnu.org; Sat, 21 Feb 2009 09:34:52 -0500 Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43) id 1LaswM-0003Bb-MB for grub-devel@gnu.org; Sat, 21 Feb 2009 09:34:50 -0500 Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43) id 1LaswK-0003BB-84 for grub-devel@gnu.org; Sat, 21 Feb 2009 09:34:49 -0500 Received: from [199.232.76.173] (port=47562 helo=monty-python.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1LaswK-0003B8-2V for grub-devel@gnu.org; Sat, 21 Feb 2009 09:34:48 -0500 Received: from aybabtu.com ([69.60.117.155]:42273) by monty-python.gnu.org with esmtps (TLS-1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.60) (envelope-from ) id 1LaswJ-0000KF-CB for grub-devel@gnu.org; Sat, 21 Feb 2009 09:34:47 -0500 Received: from [192.168.10.10] (helo=thorin) by aybabtu.com with esmtp (Exim 4.69) (envelope-from ) id 1Laspj-0007Dx-C0 for grub-devel@gnu.org; Sat, 21 Feb 2009 15:27:59 +0100 Received: from rmh by thorin with local (Exim 4.69) (envelope-from ) id 1LaswC-0004Lg-EL for grub-devel@gnu.org; Sat, 21 Feb 2009 15:34:40 +0100 Date: Sat, 21 Feb 2009 15:34:40 +0100 From: Robert Millan To: The development of GRUB 2 Message-ID: <20090221143440.GA16682@thorin> References: <499DB343.9020301@gmail.com> <499DF97E.1080800@student.ethz.ch> <20090221134607.GJ16068@thorin> <49A00DB7.2080003@student.ethz.ch> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <49A00DB7.2080003@student.ethz.ch> Organization: free as in freedom X-Message-Flag: Worried about Outlook viruses? Switch to Thunderbird! www.mozilla.com/thunderbird X-Debbugs-No-Ack: true User-Agent: Mutt/1.5.18 (2008-05-17) X-detected-operating-system: by monty-python.gnu.org: Genre and OS details not recognized. Subject: Re: A _good_ and valid use for TPM X-BeenThere: grub-devel@gnu.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: The development of GRUB 2 List-Id: The development of GRUB 2 List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 21 Feb 2009 14:34:51 -0000 On Sat, Feb 21, 2009 at 03:20:39PM +0100, Jan Alsenz wrote: > > > > "remote attestation" is only useful when you want to coerce others into > > running your (generaly proprietary) software. I hope this is not what you > > want to do. > Yes, this is exactly what he tries do to: convince his keyserver, that the > requesting server runs, what it's supposed to. > > Which is exactly remote attestation, just in this case he controls both sides, > which I think makes it an interesting use of the technology. That would be like trying to rob yourself by threatening yourself with a gun, instead of simply drawing money from your wallet. If you just want to ensure noone is tampering your box, simply make your box tamper-proof. You don't need a protocol to allow third parties to check anything. > > This is unnecessary. Once GRUB supports crypto, it can simply load > > itself from an encrypted filesystem on disk. An image can be of > > arbitrary size. > Ok, but where does it get the key from? The public key (or just a hash) can be embedded in GRUB itself. In the instance of GRUB that goes to the flash chip, that is. > And how can wherever the key comes from be sure that it's talking to GRUB? Because you put it there, and made sure noone can overwrite it afterwards. -- Robert Millan The DRM opt-in fallacy: "Your data belongs to us. We will decide when (and how) you may access your data; but nobody's threatening your freedom: we still allow you to remove your data and not access it at all."