From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mailman by lists.gnu.org with archive (Exim 4.43)
	id 1MeDyP-0003Uf-Oa
	for mharc-grub-devel@gnu.org; Thu, 20 Aug 2009 16:11:01 -0400
Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43)
	id 1MeDyO-0003QA-AQ
	for grub-devel@gnu.org; Thu, 20 Aug 2009 16:11:00 -0400
Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43)
	id 1MeDyM-0003K4-H3
	for grub-devel@gnu.org; Thu, 20 Aug 2009 16:10:59 -0400
Received: from [199.232.76.173] (port=48626 helo=monty-python.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43) id 1MeDyM-0003Jo-By
	for grub-devel@gnu.org; Thu, 20 Aug 2009 16:10:58 -0400
Received: from mindfields.own-hero.net ([85.214.113.156]:44818)
	by monty-python.gnu.org with esmtps
	(TLS-1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.60)
	(envelope-from <decoder@own-hero.net>) id 1MeDyL-0006Yg-KM
	for grub-devel@gnu.org; Thu, 20 Aug 2009 16:10:58 -0400
Received: by mindfields.own-hero.net (Postfix, from userid 500)
	id 41D5470104; Thu, 20 Aug 2009 22:10:55 +0200 (CEST)
Received: from [192.168.1.32] (unknown [93.186.4.35])
	by mindfields.own-hero.net (Postfix) with ESMTP id CFB2070083
	for <grub-devel@gnu.org>; Thu, 20 Aug 2009 22:10:53 +0200 (CEST)
Message-ID: <4A8DADF3.8040109@own-hero.net>
Date: Thu, 20 Aug 2009 22:11:31 +0200
From: decoder <decoder@own-hero.net>
User-Agent: Thunderbird 2.0.0.21 (X11/20090302)
MIME-Version: 1.0
To: The development of GRUB 2 <grub-devel@gnu.org>
References: <4A8BDB5B.5000407@labri.fr>	<200908201008.01687.michael@gorven.za.net>	<a5d587fb0908200120u631f3ae7o8819e12fad3aa042@mail.gmail.com>	<200908201033.21202.michael@gorven.za.net>	<a5d587fb0908200358j1a5a279as4175b322361b261b@mail.gmail.com>	<4A8D7A47.90704@duboucher.eu>
	<20090820174705.GA18371@thorin>	<4A8D9776.9030809@own-hero.net>
	<20090820200211.GA28050@thorin>
In-Reply-To: <20090820200211.GA28050@thorin>
X-Enigmail-Version: 0.95.6
Content-Type: multipart/signed; protocol="application/x-pkcs7-signature";
	micalg=sha1; boundary="------------ms070407060404010507070300"
X-Hashcash: 1:22:090820:grub-devel@gnu.org::fplVvv/+GggHwrow:0000000000000000000
	0000000000000000000000005IDS
X-detected-operating-system: by monty-python.gnu.org: GNU/Linux 2.6 (newer, 3)
Subject: Re: about smartcards (Re: TPM support status ?)
X-BeenThere: grub-devel@gnu.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: The development of GRUB 2 <grub-devel@gnu.org>
List-Id: The development of GRUB 2 <grub-devel.gnu.org>
List-Unsubscribe: <http://lists.gnu.org/mailman/listinfo/grub-devel>,
	<mailto:grub-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/pipermail/grub-devel>
List-Post: <mailto:grub-devel@gnu.org>
List-Help: <mailto:grub-devel-request@gnu.org?subject=help>
List-Subscribe: <http://lists.gnu.org/mailman/listinfo/grub-devel>,
	<mailto:grub-devel-request@gnu.org?subject=subscribe>
X-List-Received-Date: Thu, 20 Aug 2009 20:11:00 -0000

This is a cryptographically signed message in MIME format.

--------------ms070407060404010507070300
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit

Robert Millan wrote:
>> This is wrong. Smartcards of course have a an interface to interact with  
>> them.
>>     
>
> Yes, but it's usually just a button or similar.  It doesn't behave like a
> computer.
>   
What I meant is the software interface. There are crypto protocols to 
interact with a smartcard and they are similar to the TPM protocols.
> The same happens with your oven or your fridge.  They run software and have a
> user interface, but they don't work like a computer.
>
>   
>> And yes, you could use a Smartcard to do DRM.
>>     
>
> No, you can't.  What you can do is use the smartcard for authentication
> in a computer that has been previously rigged against its user.  In this
> case it is the computer which implements DRM, not the card.
>   
The TPM module itself does not implement DRM either... It provides the 
necessary crypto routines, a smartcard does so too.
> What does this have to do with anything?  Being passive doesn't prevent it
> from being used in coercion schemes like:
>
>   "Either you use this TPM to certify you're running Crippleware Reader
>    2.0 or you can't read this book"
>   
You can use a smartcard as well for that purpose. Crippleware Reader 2.0 
can cryptographically make sure that the smartcard is attached, and 
refuse to work otherwise. And you can make the Smartcard a requirement 
to read the book.

I don't really see the point why people keep bashing the TPM module for 
purposes like DRM. It's not the TPM module that is bad, but the stuff 
that people plan to do with it.


Chris


--------------ms070407060404010507070300
Content-Type: application/x-pkcs7-signature; name="smime.p7s"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="smime.p7s"
Content-Description: S/MIME Cryptographic Signature

MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIJ7TCC
Az8wggKooAMCAQICAQ0wDQYJKoZIhvcNAQEFBQAwgdExCzAJBgNVBAYTAlpBMRUwEwYDVQQI
EwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEaMBgGA1UEChMRVGhhd3RlIENv
bnN1bHRpbmcxKDAmBgNVBAsTH0NlcnRpZmljYXRpb24gU2VydmljZXMgRGl2aXNpb24xJDAi
BgNVBAMTG1RoYXd0ZSBQZXJzb25hbCBGcmVlbWFpbCBDQTErMCkGCSqGSIb3DQEJARYccGVy
c29uYWwtZnJlZW1haWxAdGhhd3RlLmNvbTAeFw0wMzA3MTcwMDAwMDBaFw0xMzA3MTYyMzU5
NTlaMGIxCzAJBgNVBAYTAlpBMSUwIwYDVQQKExxUaGF3dGUgQ29uc3VsdGluZyAoUHR5KSBM
dGQuMSwwKgYDVQQDEyNUaGF3dGUgUGVyc29uYWwgRnJlZW1haWwgSXNzdWluZyBDQTCBnzAN
BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAxKY8VXNV+065yplaHmjAdQRwnd/p/6Me7L3N9Vvy
Gna9fww6YfK/Uc4B1OVQCjDXAmNaLIkVcI7dyfArhVqqP3FWy688Cwfn8R+RNiQqE88r1fOC
dz0Dviv+uxg+B79AgAJk16emu59l0cUqVIUPSAR/p7bRPGEEQB5kGXJgt/sCAwEAAaOBlDCB
kTASBgNVHRMBAf8ECDAGAQH/AgEAMEMGA1UdHwQ8MDowOKA2oDSGMmh0dHA6Ly9jcmwudGhh
d3RlLmNvbS9UaGF3dGVQZXJzb25hbEZyZWVtYWlsQ0EuY3JsMAsGA1UdDwQEAwIBBjApBgNV
HREEIjAgpB4wHDEaMBgGA1UEAxMRUHJpdmF0ZUxhYmVsMi0xMzgwDQYJKoZIhvcNAQEFBQAD
gYEASIzRUIPqCy7MDaNmrGcPf6+svsIXoUOWlJ1/TCG4+DYfqi2fNi/A9BxQIJNwPP2t4WFi
w9k6GX6EsZkbAMUaC4J0niVQlGLH2ydxVyWN3amcOY6MIE9lX5Xa9/eH1sYITq726jTlEBpb
NU1341YheILcIRk13iSx0x1G/11fZU8wggNRMIICuqADAgECAhB/+JKnvdBUupK5VoAjDqjF
MA0GCSqGSIb3DQEBBQUAMGIxCzAJBgNVBAYTAlpBMSUwIwYDVQQKExxUaGF3dGUgQ29uc3Vs
dGluZyAoUHR5KSBMdGQuMSwwKgYDVQQDEyNUaGF3dGUgUGVyc29uYWwgRnJlZW1haWwgSXNz
dWluZyBDQTAeFw0wOTAyMTgwOTU1NThaFw0xMDAyMTgwOTU1NThaMIGUMQ8wDQYDVQQEEwZI
b2xsZXIxEjAQBgNVBCoTCUNocmlzdGlhbjEZMBcGA1UEAxMQQ2hyaXN0aWFuIEhvbGxlcjEj
MCEGCSqGSIb3DQEJARYUZGVjb2RlckBvd24taGVyby5uZXQxLTArBgkqhkiG9w0BCQEWHmRl
Y29kZXJAd2pwc2VydmVyLmNzLnVuaS1zYi5kZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
AQoCggEBAOe9eQ89Xghdu02wve0XFE1Ohujht4DOZ0ZvSiCretDkVAl2OQkg8yjBjVzeXmh/
C1emgtL0qOigRct2Fr2jR7JS5XWY3H96uYOwleUQ2YIoHiOgZd8t9x0GKcgBa4KSoxCPSEFS
jOeDRZURiRxV5rn1damNZo1Qgd12tCR/bLotlQ9bRTri/QmFcNoyTZAQbr6DlND5CaKq6f4q
YJHALiS38EootbaK7XMQhixbmBgH14Y9FYjr/WSo3/P5Jj60DJw+4DiE574HlTDmnG5jskik
lOJOTtNUab38Z1ySB2csPtrS6aBXapNoaDB2KXaN+0V31/UGo0N4kzSabMabxJ0CAwEAAaNR
ME8wPwYDVR0RBDgwNoEUZGVjb2RlckBvd24taGVyby5uZXSBHmRlY29kZXJAd2pwc2VydmVy
LmNzLnVuaS1zYi5kZTAMBgNVHRMBAf8EAjAAMA0GCSqGSIb3DQEBBQUAA4GBACkaGj3Ek4Tg
g98haHSvTOLXgLRaQdxH2lmoHatVUDaBHLO90l5MDb34Dt9/fSPQrGvIgAAQirRZZ8ivKriC
0bTfBp9Yo4WZhvTdRkT84ZFM/fQE9BZf27u+KVnwt4cfjpKjw1iSiq1vomITlDFKuFfVk7Pt
fBY2Yqi24tnHGB/wMIIDUTCCArqgAwIBAgIQf/iSp73QVLqSuVaAIw6oxTANBgkqhkiG9w0B
AQUFADBiMQswCQYDVQQGEwJaQTElMCMGA1UEChMcVGhhd3RlIENvbnN1bHRpbmcgKFB0eSkg
THRkLjEsMCoGA1UEAxMjVGhhd3RlIFBlcnNvbmFsIEZyZWVtYWlsIElzc3VpbmcgQ0EwHhcN
MDkwMjE4MDk1NTU4WhcNMTAwMjE4MDk1NTU4WjCBlDEPMA0GA1UEBBMGSG9sbGVyMRIwEAYD
VQQqEwlDaHJpc3RpYW4xGTAXBgNVBAMTEENocmlzdGlhbiBIb2xsZXIxIzAhBgkqhkiG9w0B
CQEWFGRlY29kZXJAb3duLWhlcm8ubmV0MS0wKwYJKoZIhvcNAQkBFh5kZWNvZGVyQHdqcHNl
cnZlci5jcy51bmktc2IuZGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDnvXkP
PV4IXbtNsL3tFxRNTobo4beAzmdGb0ogq3rQ5FQJdjkJIPMowY1c3l5ofwtXpoLS9KjooEXL
dha9o0eyUuV1mNx/ermDsJXlENmCKB4joGXfLfcdBinIAWuCkqMQj0hBUozng0WVEYkcVea5
9XWpjWaNUIHddrQkf2y6LZUPW0U64v0JhXDaMk2QEG6+g5TQ+Qmiqun+KmCRwC4kt/BKKLW2
iu1zEIYsW5gYB9eGPRWI6/1kqN/z+SY+tAycPuA4hOe+B5Uw5pxuY7JIpJTiTk7TVGm9/Gdc
kgdnLD7a0umgV2qTaGgwdil2jftFd9f1BqNDeJM0mmzGm8SdAgMBAAGjUTBPMD8GA1UdEQQ4
MDaBFGRlY29kZXJAb3duLWhlcm8ubmV0gR5kZWNvZGVyQHdqcHNlcnZlci5jcy51bmktc2Iu
ZGUwDAYDVR0TAQH/BAIwADANBgkqhkiG9w0BAQUFAAOBgQApGho9xJOE4IPfIWh0r0zi14C0
WkHcR9pZqB2rVVA2gRyzvdJeTA29+A7ff30j0KxryIAAEIq0WWfIryq4gtG03wafWKOFmYb0
3UZE/OGRTP30BPQWX9u7vilZ8LeHH46So8NYkoqtb6JiE5QxSrhX1ZOz7XwWNmKotuLZxxgf
8DGCA2QwggNgAgEBMHYwYjELMAkGA1UEBhMCWkExJTAjBgNVBAoTHFRoYXd0ZSBDb25zdWx0
aW5nIChQdHkpIEx0ZC4xLDAqBgNVBAMTI1RoYXd0ZSBQZXJzb25hbCBGcmVlbWFpbCBJc3N1
aW5nIENBAhB/+JKnvdBUupK5VoAjDqjFMAkGBSsOAwIaBQCgggHDMBgGCSqGSIb3DQEJAzEL
BgkqhkiG9w0BBwEwHAYJKoZIhvcNAQkFMQ8XDTA5MDgyMDIwMTEzMVowIwYJKoZIhvcNAQkE
MRYEFDKCTayVx1KDldaOrU7APCzle+WuMFIGCSqGSIb3DQEJDzFFMEMwCgYIKoZIhvcNAwcw
DgYIKoZIhvcNAwICAgCAMA0GCCqGSIb3DQMCAgFAMAcGBSsOAwIHMA0GCCqGSIb3DQMCAgEo
MIGFBgkrBgEEAYI3EAQxeDB2MGIxCzAJBgNVBAYTAlpBMSUwIwYDVQQKExxUaGF3dGUgQ29u
c3VsdGluZyAoUHR5KSBMdGQuMSwwKgYDVQQDEyNUaGF3dGUgUGVyc29uYWwgRnJlZW1haWwg
SXNzdWluZyBDQQIQf/iSp73QVLqSuVaAIw6oxTCBhwYLKoZIhvcNAQkQAgsxeKB2MGIxCzAJ
BgNVBAYTAlpBMSUwIwYDVQQKExxUaGF3dGUgQ29uc3VsdGluZyAoUHR5KSBMdGQuMSwwKgYD
VQQDEyNUaGF3dGUgUGVyc29uYWwgRnJlZW1haWwgSXNzdWluZyBDQQIQf/iSp73QVLqSuVaA
Iw6oxTANBgkqhkiG9w0BAQEFAASCAQCeQQTEPYY0WCcdvf3mXrzHZkz3G9j3/k6jgeiv66we
xKsXnQ1qO3U/LpJxq0ZEYnD69s2pQevXxPXHXnlmpNTUXXl1WeZ7IMDdUnGkWOmUnZEz+Br+
Qt2U4sqwh+mXGkxiNOyPM1P/zummrpUchK/34jWPnhUbrQefx7n9Nwi1XZ7WWs6fIbh661UM
b+5kVpbeRtfE4YFG5bz1qYdBZ8tf/aF1ATymQK5whNloNjE6pEKfLlgke014FvDYo8ZnSX2R
nw6iOg9k6u6FBRVd+xXBNpVCfo/9EtCbkEuOizrfsdCCUOwGsAHN3nJFhZZsO848VkltTa7O
acyWVOJLTIiJAAAAAAAA
--------------ms070407060404010507070300--