Jaroslav Reznik (jreznik@xxxxxxxxxx) said: > = Features/OpenAttestation = > https://fedoraproject.org/wiki/Features/OpenAttestation > > Feature owner(s): Gang Wei <gang.wei@xxxxxxxxx> > > Provide fedora packages for OpenAttestation to support Trusted Compute > Pools(TCP) feature in OpenStack since Folsom release & in future oVirt > releases. Wow, TCP is a horribly unfortunate acronym collision. > == Detailed description == > This feature would include mostly packaging OpenAttestation project for > fedora. > > * the source package will be named oat > * the binary packages will include oat-appraiser & oat-client If you're attempting to create a framework that attests the integrity of systems for use by 'trusted' software, it would (in theory) only be as secure as its weakest link. Given that... PHP? How does it intend to attest the OS in a rapidly updating Fedora environment? Just the kernel + initramfs? An image-based checksum such as what is used in ChromeOS? Bill -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
