On Mon, 2011-06-27 at 16:53 +0200, Miloslav Trmač wrote: > On Mon, Jun 27, 2011 at 4:08 PM, Simo Sorce <simo@xxxxxxxxxx> wrote: > > On Mon, 2011-06-27 at 15:12 +0200, Miloslav Trmač wrote: > >> On Mon, Jun 27, 2011 at 12:11 PM, Andrew Haley <aph@xxxxxxxxxx> wrote: > >> > On 24/06/11 20:49, Miloslav Trmač wrote: > >> >> The purpose of the blob is to "measure" the system state; only the > >> >> blob (and hardware reset) is allowed to restart the "measuring" > >> >> process in the TPM. For this to work securely, the blob must be > >> >> signed by someone that the TPM itself trusts - otherwise an attacker > >> >> could replace the blob by something that lies about the system state. > <snip> > > Trusting the manufacturer to not put bugs/backdoors is one thing. > > Having to depend on the manufacturer to sign your boot sequence is > > entirely different, doesn't scale and is generally not welcome. > > The hardware manufacturer _only_ signs the sinit blob. Any kernel/OS > you use can be measured/"protected" by the TPM without any further > involvement of the manufacturer. How does the sinit blob verify the kernel ? Can you add some documentation about that in the feature page request as others have asked please ? Thanks, Simo. -- Simo Sorce * Red Hat, Inc * New York -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
