On 04/08/2016 10:28 AM, Matthew Garrett wrote: > With what we now know about malicious actors targeting the system boot > chain (even down to the firmware), this kind of TPM-based work is a > vital part of helping keep our users secure. On the other hand, it can easily be abused to restrict user freedom. For example, video streaming sites might not be willing to serve content to users who cannot cryptographically prove they are running an approved operating system with an approved browser. Remote attestation only works with a trusted counterpart who rejects access once a breach is detected. Who do you expect to be the counterpart for Fedora users? Is there anyone who offers such a service without also requiring to use their own operating system? Florian -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx http://lists.fedoraproject.org/admin/lists/devel@xxxxxxxxxxxxxxxxxxxxxxx
