From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mailman by lists.gnu.org with archive (Exim 4.43)
	id 1Me2gy-0005aQ-MR
	for mharc-grub-devel@gnu.org; Thu, 20 Aug 2009 04:08:16 -0400
Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43)
	id 1Me2gx-0005aH-32
	for grub-devel@gnu.org; Thu, 20 Aug 2009 04:08:15 -0400
Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43)
	id 1Me2gw-0005Zl-8f
	for grub-devel@gnu.org; Thu, 20 Aug 2009 04:08:14 -0400
Received: from [199.232.76.173] (port=39673 helo=monty-python.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43) id 1Me2gw-0005Zc-3R
	for grub-devel@gnu.org; Thu, 20 Aug 2009 04:08:14 -0400
Received: from mammon.mene.za.net ([78.46.253.195]:46048 helo=mail.mene.za.net)
	by monty-python.gnu.org with esmtps
	(TLS-1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.60)
	(envelope-from <michael@gorven.za.net>) id 1Me2gv-0005J2-JT
	for grub-devel@gnu.org; Thu, 20 Aug 2009 04:08:13 -0400
Received: from mail.mene.za.net (localhost [127.0.0.1])
	by mail.mene.za.net (Postfix) with ESMTP id D7B967E2F6
	for <grub-devel@gnu.org>; Thu, 20 Aug 2009 10:08:10 +0200 (SAST)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=gorven.za.net; h=from:to
	:subject:date:references:in-reply-to:mime-version:content-type
	:content-transfer-encoding:message-id; s=alpha; bh=W2rX2Y/oEvgBW
	mFH76oRKHoyEDs=; b=uYu6kXg9Y7o3J2v1SG+XHTRlqfU4PfQZC5bni+px6PXmx
	F6bIwIe9ph+88wMWQiN7d+RrFptpaWgNWhxQPtgZGIxFXJNtZ44oljKiJkFfJQNB
	chYndPpPG4pdN3KJN009QPSCdnV0u1f0AQVr3OV8eGTTBbtg18BYi3zCRhya20=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gorven.za.net; h=from:to
	:subject:date:references:in-reply-to:mime-version:content-type
	:content-transfer-encoding:message-id; q=dns; s=alpha; b=b2TbyAL
	IGkuraED4aGyVDfNTvaMsnnZ2OxHVmSQZT4KXYspX3a4bJ2WmJcOJzyAw2pGHl5b
	f9LmL4Vk/AL4LKIe+dCN1sLSr2OPgVdr8Hp7myR/xiw5DVJnWvkMAFlFxvEOz8NT
	rCY1+lQjW/EYn/EtjniBA8BjzavOs4z6pr6Q=
Received: from molech (dsl-241-125-225.telkomadsl.co.za [41.241.125.225])
	by mail.mene.za.net (Postfix) with ESMTPSA id 66D537E2EE
	for <grub-devel@gnu.org>; Thu, 20 Aug 2009 10:08:10 +0200 (SAST)
From: Michael Gorven <michael@gorven.za.net>
To: The development of GRUB 2 <grub-devel@gnu.org>
Date: Thu, 20 Aug 2009 10:07:33 +0200
User-Agent: KMail/1.9.10
References: <4A8BDB5B.5000407@labri.fr>
	<200908200952.29010.michael@gorven.za.net>
	<a5d587fb0908200059s3c0eb737jceef1eb1f66094b1@mail.gmail.com>
In-Reply-To: <a5d587fb0908200059s3c0eb737jceef1eb1f66094b1@mail.gmail.com>
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="nextPart7682927.NviiBs9iII";
	protocol="application/pgp-signature"; micalg=pgp-sha1
Content-Transfer-Encoding: 7bit
Message-Id: <200908201008.01687.michael@gorven.za.net>
X-detected-operating-system: by monty-python.gnu.org: GNU/Linux 2.6 (newer, 2)
Subject: Re: TPM support status ?
X-BeenThere: grub-devel@gnu.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: The development of GRUB 2 <grub-devel@gnu.org>
List-Id: The development of GRUB 2 <grub-devel.gnu.org>
List-Unsubscribe: <http://lists.gnu.org/mailman/listinfo/grub-devel>,
	<mailto:grub-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/pipermail/grub-devel>
List-Post: <mailto:grub-devel@gnu.org>
List-Help: <mailto:grub-devel-request@gnu.org?subject=help>
List-Subscribe: <http://lists.gnu.org/mailman/listinfo/grub-devel>,
	<mailto:grub-devel-request@gnu.org?subject=subscribe>
X-List-Received-Date: Thu, 20 Aug 2009 08:08:15 -0000

--nextPart7682927.NviiBs9iII
Content-Type: text/plain;
  charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline

On Thursday 20 August 2009 09:59:42 Michal Suchanek wrote:
> 2009/8/20 Michael Gorven <michael@gorven.za.net>:
> > On Thursday 20 August 2009 09:49:06 Michal Suchanek wrote:
> >> 2009/8/20 Michael Gorven <michael@gorven.za.net>:
> >> > On Wednesday 19 August 2009 21:21:28 Michal Suchanek wrote:
> >> >> Tell me one technical benefit of TPM over coreboot.
> >> >
> >> > Coreboot doesn't provide protected storage of secrets (e.g. harddrive
> >> > decryption keys).
> >>
> >> TPM does not either at the time the BIOS is loaded. Remember, it's the
> >> CPU what's running the BIOS, not the TPM chip.
> >>
> >> Only after BIOS enables TPM or coreboot enables any crypto device you
> >> choose you get any secrets or keys.
> >
> > So? It's still protected storage. You can read a BIOS chip, but you can=
't
> > just read the contents of a TPM chip.
>
> You can use decent crypto storage rather than half-broken TPM. There
> is no advantage to using it.

Like what?

=2D-=20
http://michael.gorven.za.net
PGP Key ID 1E016BE8
S/MIME Key ID AAF09E0E

--nextPart7682927.NviiBs9iII
Content-Type: application/pgp-signature; name=signature.asc 
Content-Description: This is a digitally signed message part.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iQIVAwUASo0EYYOxIz1l+OmhAQq9ZRAArSE408URDzGILeB56QjV4YSt40wpGF+7
zbQiv8UNMy4E6xaCh7Fsmw9tbML17pRJg9S8XRLE7oaWF94loLlMn5EylWFMLgyc
+kC3MtxaJUS7p+ABIBZWmCdtm7K3Sw6mH4dvbCXeWmCW+hT3QQGiZBtLIJkkDQSe
zUS8A1kAo4iG+xQnYU5BnoV+UVm8H9nNFL5CEANHbMsIeW2cu5mvE7MyCG9g/dNZ
Qb98XW1+I2JnAcQXal3DgMtT5jlmefuh1k8n/+8cuzDT9se9F3xa7PmnJHdQvDoS
GRAGveGYQAwishevQm5scKJw0+zkr3VJKEIXqtLiBa71Uz2wG7Np3Pfzq3jz3VOB
HFGz8PnkrcKtdWPLTvNzpaL93XATRuMNWPhC5fRUypV1LXeQ9ARmrS2gBDV9SIvB
W5N9hMEWk1HwIvPoaKcIH7zdNd18dISZtyqhzh9T8vNSNIIYGIoJ+cyBwlUwszfb
mODZ07B+VeP8zO07KZhDx3PkUkPH9U04lLnxM6Hlmi8k66dEHBeXosPNCADopfHX
CRWMDV8XOcylJWMC4wYGqDxASvdmYFonF056C6sPyzXk6mGZ1/3KNiRnDtUC4AIp
HJNiWvBzAIcRE+0Pf/BxFrF7jkhVKHztu6gG63gDTogomGO1VHchi8jD7+E7c4Hn
rGHyt7U/3AU=
=2S1F
-----END PGP SIGNATURE-----

--nextPart7682927.NviiBs9iII--