On Tue, 2020-04-28 at 10:18 -0500, Michael Catanzaro wrote:
> Hi,
>
> The Workstation Working Group would like to solicit feedback on three
> outstanding Workstation issues:
>
>  * fedora-workstation#54, "Default disk partitioning layout for
>    Workstation" [1][2]
>  * fedora-workstation#82, "encryption of user data (excludes system)"
>    [3][4]
>  * fedora-workstation#136, "encryption of system data (excludes user)"
>    [5][6]
>
> We've been brainstorming on these issues for quite a while, and are
> wondering if a wider audience might be able to help us decide what to
> do. These are long threads, so I've posted summary comments [2][4][6]
> in an attempt to summarize what I see as the most important points of
> the previous discussion, but there's a lot of previous discussion and
> it would be ideal to read or at least skim as much as possible to get a
> feeling for what's already been considered before responding. I
> encourage replies in the issues themselves, rather than on-list, to
> keep discussion in one place. (An impossible expectation, I know....)
>
> Michael
>
> [1] https://pagure.io/fedora-workstation/issue/54
> [2] https://pagure.io/fedora-workstation/issue/54#comment-644749
> [3] https://pagure.io/fedora-workstation/issue/82
> [4] https://pagure.io/fedora-workstation/issue/82#comment-644750
> [5] https://pagure.io/fedora-workstation/issue/136
> [6] https://pagure.io/fedora-workstation/issue/136#comment-644752

I commented on the first because I have direct experience over time.

I have a hard time commenting over the next 2 because it seems like the
problem is not just technical, but there is no clear vision of whether
there is one and only one solution or if multiple solutions need to be
considered.

I personally prefer to encrypt the whole disk, because the machine I
care for encrypting is a laptop that can potentially be
stolen/displaced easily.
However I do not care at all that there are two different steps
(encryption password and separate account password), and in fact I
prefer to keep them separate because I join the laptop to a separate
IDM system so the account password is not managed by the laptop.

I would love to have TPM integration, but just using TPM is useless for
my use case, because if they steal my laptop they also get my TPM chip.
TPM is cool only as an additional component but alone it is somewhat
useless. If clevis is used then you can compose the TPM *and* a
passphrase (or other item like a tang server or a phone/bluetooth
beacon).

That said, I am pretty sure there are cases of shared environment (say
media station at home) where users may like encryption but definitely
do not want to use 2 passwords. In that case using integrity to protect
read-only partitions and encryption only on personal homes makes a lot
more sense.

So in the end I do not believe you can come up with a single schema for
"workstation" unless you narrow down the scope of workstation to a
smaller set of use cases to the exclusion of the others.

Simo.

-- 
Simo Sorce
RHEL Crypto Team
Red Hat, Inc