From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mailman by lists.gnu.org with archive (Exim 4.43)
	id 1Lb2vz-0003zj-Dh
	for mharc-grub-devel@gnu.org; Sat, 21 Feb 2009 20:15:07 -0500
Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43)
	id 1Lb2vy-0003zW-1t
	for grub-devel@gnu.org; Sat, 21 Feb 2009 20:15:06 -0500
Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43)
	id 1Lb2vw-0003z7-MG
	for grub-devel@gnu.org; Sat, 21 Feb 2009 20:15:05 -0500
Received: from [199.232.76.173] (port=38103 helo=monty-python.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43) id 1Lb2vw-0003z3-D9
	for grub-devel@gnu.org; Sat, 21 Feb 2009 20:15:04 -0500
Received: from main.gmane.org ([80.91.229.2]:55380 helo=ciao.gmane.org)
	by monty-python.gnu.org with esmtps (TLS-1.0:RSA_AES_256_CBC_SHA1:32)
	(Exim 4.60) (envelope-from <gcbgd-grub-devel@m.gmane.org>)
	id 1Lb2vv-0007z6-V9
	for grub-devel@gnu.org; Sat, 21 Feb 2009 20:15:04 -0500
Received: from root by ciao.gmane.org with local (Exim 4.43)
	id 1Lb2vu-0004oZ-Ny
	for grub-devel@gnu.org; Sun, 22 Feb 2009 01:15:02 +0000
Received: from ip.82.144.214.15.stat.volia.net ([82.144.214.15])
	by main.gmane.org with esmtp (Gmexim 0.1 (Debian))
	id 1AlnuQ-0007hv-00
	for <grub-devel@gnu.org>; Sun, 22 Feb 2009 01:15:02 +0000
Received: from cyberax by ip.82.144.214.15.stat.volia.net with local (Gmexim
	0.1 (Debian)) id 1AlnuQ-0007hv-00
	for <grub-devel@gnu.org>; Sun, 22 Feb 2009 01:15:02 +0000
X-Injected-Via-Gmane: http://gmane.org/
To: grub-devel@gnu.org
From: Alex Besogonov <cyberax@staffdirector.net>
Date: Sun, 22 Feb 2009 03:14:07 +0200
Message-ID: <gnq8sv$cm$1@ger.gmane.org>
References: <f9ca530f0902190943w37b6b6d1pb28d78748607a772@mail.gmail.com>		<499DB343.9020301@gmail.com>		<f9ca530f0902191300m8b742cahd691f038ffd7ff89@mail.gmail.com>		<499DF97E.1080800@student.ethz.ch>	<f9ca530f0902191703r48015c32h7d54cfac9b32cae3@mail.gmail.com>
	<499E6007.9050902@student.ethz.ch>
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
X-Complaints-To: usenet@ger.gmane.org
X-Gmane-NNTP-Posting-Host: ip.82.144.214.15.stat.volia.net
User-Agent: Thunderbird 2.0.0.17 (Windows/20080914)
In-Reply-To: <499E6007.9050902@student.ethz.ch>
Sender: news <news@ger.gmane.org>
X-detected-operating-system: by monty-python.gnu.org: GNU/Linux 2.6,
	seldom 2.4 (older, 4)
Subject: Re: A _good_ and valid use for TPM
X-BeenThere: grub-devel@gnu.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: The development of GRUB 2 <grub-devel@gnu.org>
List-Id: The development of GRUB 2 <grub-devel.gnu.org>
List-Unsubscribe: <http://lists.gnu.org/mailman/listinfo/grub-devel>,
	<mailto:grub-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/pipermail/grub-devel>
List-Post: <mailto:grub-devel@gnu.org>
List-Help: <mailto:grub-devel-request@gnu.org?subject=help>
List-Subscribe: <http://lists.gnu.org/mailman/listinfo/grub-devel>,
	<mailto:grub-devel-request@gnu.org?subject=subscribe>
X-List-Received-Date: Sun, 22 Feb 2009 01:15:06 -0000

Jan Alsenz wrote:
>>> Yeah, but an attacker could patch that out too.
>> Not if we first measure the MBR. It can be done without any
>> TPM-specific code in the MBR if I'm not very mistaken.
> Could you elaborate on that?
> E.g. where do you measure the MBR from?
MBR is automatically measured by the TPM module, it requires no 
intervention from GRUB.

-- 
With respect,
             Alex Besogonov (cyberax@staffdirector.net)