From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mailman by lists.gnu.org with archive (Exim 4.43)
	id 1Latnx-0007Nn-TV
	for mharc-grub-devel@gnu.org; Sat, 21 Feb 2009 10:30:13 -0500
Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43)
	id 1Latnw-0007NU-MH
	for grub-devel@gnu.org; Sat, 21 Feb 2009 10:30:12 -0500
Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43)
	id 1Latnu-0007N7-Jz
	for grub-devel@gnu.org; Sat, 21 Feb 2009 10:30:12 -0500
Received: from [199.232.76.173] (port=40620 helo=monty-python.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43) id 1Latnu-0007N3-Dx
	for grub-devel@gnu.org; Sat, 21 Feb 2009 10:30:10 -0500
Received: from mammon.mene.za.net ([78.46.253.195]:41494 helo=mail.mene.za.net)
	by monty-python.gnu.org with esmtps
	(TLS-1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.60)
	(envelope-from <michael@gorven.za.net>) id 1Latnt-0005t6-UJ
	for grub-devel@gnu.org; Sat, 21 Feb 2009 10:30:10 -0500
Received: from mail.mene.za.net (localhost [127.0.0.1])
	by mail.mene.za.net (Postfix) with ESMTP id F21FA33A5E3
	for <grub-devel@gnu.org>; Sat, 21 Feb 2009 16:30:00 +0100 (CET)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=gorven.za.net; h=from:to
	:subject:date:references:in-reply-to:mime-version:content-type
	:content-transfer-encoding:message-id; s=alpha; bh=jIZ9+tRUMDaV8
	WQVZWkg8sFEfTg=; b=DGXAkNF7apxaP62KprXPCy76x51EmltcAOJsvhlGZhw0j
	RL7fNJtf1xtohoN+mvlvUXPO3ZgoYL0Vkc5z47j+bgXkLqGgu5foAAPbIpO7uhQ4
	dOkj/yVQyUghVg92+hc/ceeyaNVIWeTuruP8CYsqnito3LNGvsKlTN+NnFvVBk=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gorven.za.net; h=from:to:subject
	:date:references:in-reply-to:mime-version:content-type
	:content-transfer-encoding:message-id; q=dns; s=alpha; b=DGrbDCt
	Fd6v9FDzrzNAPumZlrc0My/RqRWGXaUYgJl+wwWkzZOtupL8B0eWICV7bQYd5b3l
	F4+0SQjghVg4uBJMMoMEifLRQF/XfEbu0p4pvGGVfhdrGseTdfLYav00+W7E9SvT
	eWF1itWMlyClYY7X4EMntpse2amewXX8xK90=
Received: from molech (dsl-241-58-76.telkomadsl.co.za [41.241.58.76])
	by mail.mene.za.net (Postfix) with ESMTPSA id 91F3633A5AE
	for <grub-devel@gnu.org>; Sat, 21 Feb 2009 16:29:59 +0100 (CET)
From: Michael Gorven <michael@gorven.za.net>
To: The development of GRUB 2 <grub-devel@gnu.org>
Date: Sat, 21 Feb 2009 17:29:34 +0200
User-Agent: KMail/1.9.10
References: <f9ca530f0902190943w37b6b6d1pb28d78748607a772@mail.gmail.com>
	<200902200945.51426.michael@gorven.za.net>
	<20090221135142.GK16068@thorin>
In-Reply-To: <20090221135142.GK16068@thorin>
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="nextPart11362023.9zK1ilbm0y";
	protocol="application/pgp-signature"; micalg=pgp-sha1
Content-Transfer-Encoding: 7bit
Message-Id: <200902211729.52450.michael@gorven.za.net>
X-detected-operating-system: by monty-python.gnu.org: GNU/Linux 2.6 (newer, 1)
Subject: Re: A _good_ and valid use for TPM
X-BeenThere: grub-devel@gnu.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: The development of GRUB 2 <grub-devel@gnu.org>
List-Id: The development of GRUB 2 <grub-devel.gnu.org>
List-Unsubscribe: <http://lists.gnu.org/mailman/listinfo/grub-devel>,
	<mailto:grub-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/pipermail/grub-devel>
List-Post: <mailto:grub-devel@gnu.org>
List-Help: <mailto:grub-devel-request@gnu.org?subject=help>
List-Subscribe: <http://lists.gnu.org/mailman/listinfo/grub-devel>,
	<mailto:grub-devel-request@gnu.org?subject=subscribe>
X-List-Received-Date: Sat, 21 Feb 2009 15:30:13 -0000

--nextPart11362023.9zK1ilbm0y
Content-Type: text/plain;
  charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline

On Saturday 21 February 2009 15:51:42 Robert Millan wrote:
> On Fri, Feb 20, 2009 at 09:45:28AM +0200, Michael Gorven wrote:
> > TPM can be used for good or for bad, but this is the case for everything
> > involving cryptography. We don't refuse to use encryption algorithms
> > because they could be used for DRM, so why should we refuse to use TPM?
>
> I don't agree with this analogy.  Unlike cryptography, TPMs have been
> designed from the ground up to serve an evil purpose.  They *could* have
> designed them with good intent, for example either of these could apply:
>
>   - Buyer gets a printed copy of the TPM's private key when they buy a
> board.
>
>   - An override button that's physically accessible from the chip can be
>     used to disable "hostile mode" and make the TPM sign everything.  From
>     that point physical access can be managed with traditional methods
> (e.g. locks).
>
> But they didn't.

Just to clarify, are you objecting to the use of TPM on principle and becau=
se=20
you don't want to encourage use of it, or because you think this specific u=
se=20
(trusted boot path) is dangerous?

Michael

=2D-=20
http://michael.gorven.za.net
PGP Key ID 6612FE85
S/MIME Key ID AAF09E0E

--nextPart11362023.9zK1ilbm0y
Content-Type: application/pgp-signature; name=signature.asc 
Content-Description: This is a digitally signed message part.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQBJoB3wO9SWvWYS/oURAmf7AJ0cSSmVcfc2Yvgjop2SgmMMQ8wH+wCdE1A4
8dGofNVpCTcJb1grXLZ+Ru0=
=2BWu
-----END PGP SIGNATURE-----

--nextPart11362023.9zK1ilbm0y--