From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mailman by lists.gnu.org with archive (Exim 4.43) id 1LazFP-0000fB-BK for mharc-grub-devel@gnu.org; Sat, 21 Feb 2009 16:18:55 -0500 Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43) id 1LazFM-0000et-EL for grub-devel@gnu.org; Sat, 21 Feb 2009 16:18:52 -0500 Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43) id 1LazFG-0000eZ-Up for grub-devel@gnu.org; Sat, 21 Feb 2009 16:18:51 -0500 Received: from [199.232.76.173] (port=42868 helo=monty-python.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1LazFG-0000eW-QP for grub-devel@gnu.org; Sat, 21 Feb 2009 16:18:46 -0500 Received: from xsmtp1.ethz.ch ([82.130.70.13]:15686) by monty-python.gnu.org with esmtp (Exim 4.60) (envelope-from ) id 1LazFG-0003Yx-Cc for grub-devel@gnu.org; Sat, 21 Feb 2009 16:18:46 -0500 Received: from xfe1.d.ethz.ch ([82.130.124.41]) by xsmtp1.ethz.ch with Microsoft SMTPSVC(6.0.3790.3959); Sat, 21 Feb 2009 22:18:37 +0100 Received: from [192.168.2.105] ([81.221.97.38]) by xfe1.d.ethz.ch over TLS secured channel with Microsoft SMTPSVC(6.0.3790.3959); Sat, 21 Feb 2009 22:18:37 +0100 Message-ID: <49A06F4E.1000802@student.ethz.ch> Date: Sat, 21 Feb 2009 22:17:02 +0100 From: Jan Alsenz User-Agent: Thunderbird 2.0.0.19 (X11/20090104) MIME-Version: 1.0 To: The development of GRUB 2 References: <200902211729.52450.michael@gorven.za.net> <20090221203136.GF18492@thorin> <200902212243.31194.michael@gorven.za.net> <20090221210439.GJ18492@thorin> In-Reply-To: <20090221210439.GJ18492@thorin> X-Enigmail-Version: 0.95.7 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="------------enig43AFEF3CCD8543907893D0BD" X-OriginalArrivalTime: 21 Feb 2009 21:18:37.0435 (UTC) FILETIME=[F5E014B0:01C99469] X-detected-operating-system: by monty-python.gnu.org: Windows 2000 SP4, XP SP1+ Subject: Re: A _good_ and valid use for TPM X-BeenThere: grub-devel@gnu.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: The development of GRUB 2 List-Id: The development of GRUB 2 List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 21 Feb 2009 21:18:52 -0000 This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enig43AFEF3CCD8543907893D0BD Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Robert Millan wrote: > On Sat, Feb 21, 2009 at 10:43:16PM +0200, Michael Gorven wrote: >>>> Just to clarify, are you objecting to the use of TPM on principle an= d >>>> because you don't want to encourage use of it, or because you think = this >>>> specific use (trusted boot path) is dangerous? >>> I can't reply to this question, because it's not just a specific use,= it's >>> part of the design, of its purpose. One of the design goals is remot= e >>> attestation, which is a threat to our freedom and is unethical. >>> >>> If there was a device that behaves like a TPM except remote attestati= on is >>> not possible (e.g. by one of the means described above), I wouldn't o= bject >>> to it, and I think the GNU project wouldn't either, but then referrin= g to >>> that as "TPM" is misleading. >> I wasn't actually referring to the remote attestation. Just using the = TPM to=20 >> store a disk encryption key sealed with PCR registers, so that it woul= d only=20 >> be provided once it's been verified that GRUB hasn't been changed.=20 >> (Personally I wouldn't want to use remote attestation at all.) >=20 > First of all, I think it's a poor approach, because there's no way to g= arantee > the TPM is doing what it's supposed to (can you read its source code? = how do > you know for sure there are no backdoors?). As I said before: you can make the very same argument for every single pa= rt of your PC. Why do you trust Intel or AMD with your CPU? They are also involved in th= e TCG! Greets, Jan --------------enig43AFEF3CCD8543907893D0BD Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.9 (GNU/Linux) iEYEARECAAYFAkmgb1QACgkQfZylhtn4XvdCfQCeOFuV2dSSzmfZp2xzymO5LKRF rEIAoJEIYk5sxY9DLFfXlQECvYEmCAcv =tyQd -----END PGP SIGNATURE----- --------------enig43AFEF3CCD8543907893D0BD--