From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mailman by lists.gnu.org with archive (Exim 4.43) id 1LbEOO-0001ZL-77 for mharc-grub-devel@gnu.org; Sun, 22 Feb 2009 08:29:12 -0500 Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43) id 1LbEOK-0001Y7-Q7 for grub-devel@gnu.org; Sun, 22 Feb 2009 08:29:08 -0500 Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43) id 1LbEOJ-0001XT-2H for grub-devel@gnu.org; Sun, 22 Feb 2009 08:29:08 -0500 Received: from [199.232.76.173] (port=48561 helo=monty-python.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1LbEOI-0001XP-VG for grub-devel@gnu.org; Sun, 22 Feb 2009 08:29:06 -0500 Received: from xsmtp1.ethz.ch ([82.130.70.13]:29279) by monty-python.gnu.org with esmtp (Exim 4.60) (envelope-from ) id 1LbEOI-0006Wh-JO for grub-devel@gnu.org; Sun, 22 Feb 2009 08:29:06 -0500 Received: from xfe1.d.ethz.ch ([82.130.124.41]) by xsmtp1.ethz.ch with Microsoft SMTPSVC(6.0.3790.3959); Sun, 22 Feb 2009 14:28:59 +0100 Received: from [192.168.2.71] ([81.221.97.38]) by xfe1.d.ethz.ch over TLS secured channel with Microsoft SMTPSVC(6.0.3790.3959); Sun, 22 Feb 2009 14:28:59 +0100 Message-ID: <49A152BD.6010907@student.ethz.ch> Date: Sun, 22 Feb 2009 14:27:25 +0100 From: Jan Alsenz User-Agent: Thunderbird 2.0.0.19 (X11/20090104) MIME-Version: 1.0 To: The development of GRUB 2 X-Enigmail-Version: 0.95.7 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="------------enig80311FD244946DFCFB4DBA80" X-OriginalArrivalTime: 22 Feb 2009 13:28:59.0166 (UTC) FILETIME=[84BB33E0:01C994F1] X-detected-operating-system: by monty-python.gnu.org: Windows 2000 SP4, XP SP1+ Subject: GRUB trusted boot framework X-BeenThere: grub-devel@gnu.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: The development of GRUB 2 List-Id: The development of GRUB 2 List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 22 Feb 2009 13:29:09 -0000 This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enig80311FD244946DFCFB4DBA80 Content-Type: text/plain; charset=ISO-8859-15 Content-Transfer-Encoding: quoted-printable Hello! Alright, lets try to end the pointless (in the sense, that I guess noone = here, including myself, will change their opinion anytime soon) TPM discussion = and get something done. First I'd say we can agree, that we don't agree on whether/how to use a T= PM. I don't know about you, but I can perfectly live with that! Next I think we can agree, that some sort of trusted boot chain can be us= eful. Also there should be more than one implementation for this (or at least t= he possibility to have them). If we could agree on this, then I think we could find a way to extend the= GRUB module system to fully allow this. =46rom my point of view the minimal needed features for these systems are= : - easy exchange of the MBR binary to be installed - easy exchange of the core.img loader binary - hooks for any disk read (not sure if write is necessary) (I didn't check if any of these is already implemented) Last part to agree on would then be, that these infrastructure features s= hould be in the mainline code. That way it would be easy to develop various trusted boot solutions (and probably some other systems too), but keep all the controversial code out= of mainline. Greets, Jan --------------enig80311FD244946DFCFB4DBA80 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.9 (GNU/Linux) iEYEARECAAYFAkmhUsIACgkQfZylhtn4XvfQTACgh5oM0FN+1PpdC0YuJfu1Vud8 WNIAoM/pq5mvm0rsGDdOm/WHUQNsm+ce =UXzl -----END PGP SIGNATURE----- --------------enig80311FD244946DFCFB4DBA80--