On Mon, 2011-07-18 at 14:06 +0100, Matthew Garrett wrote: > Following is the list of topics that will be discussed in the FESCo > meeting today at 17:00UTC (1:00pm EDT) in #fedora-meeting on > irc.freenode.net. > > Links to all tickets below can be found at: > https://fedorahosted.org/fesco/report/9 > > = Followups = > > #topic #608 F16Feature: Trusted Boot - > .fesco 608 I tried to understand what it is about but the density of acronyms is far beyond my ability to cope with them. The links presented in #608 are: http://www.intel.com/technology/malwarereduction/index.htm - one-page description geared towards laymen. That is, it is so dumbed down it doesn't actually explain anything. http://download.intel.com/technology/security/downloads/315168.pdf - the opposite. Typical fragment: >TXT unaware VMMs and OS kernels assume control of application >processors during boot using INIT-SIPI-SIPI mechanism. Upon receipt of >a SIPI, the processor resumes execution at the specified SIPI vector. My reaction: "Er... What?" I don't say we don't need Trusted Boot. I'd say whoever wants to include Trusted Boot into Fedora needs to spend some time to describe what is it, how it is implemented - in terms understandable to average Linux hacker! - and why it may be useful to have it in Fedora. I think the same should be applicable to any other addition. About TB per se: I personally would want to understand how it is possible in principle to ensure that machine wasn't tampered with. I personally tampered with some machines. The first thing I hacked is always the code which checks integrity. > If you would like to add something to this agenda, you can reply to > this e-mail, file a new ticket at https://fedorahosted.org/fesco, > e-mail me directly, or bring it up at the end of the meeting, during > the open floor topic. Note that added topics may be deferred until > the following meeting. > > -- > Matthew Garrett | mjg59@xxxxxxxxxxxxx -- vda -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
