Support PARSEC - Fedora 33 Self-Contained Change proposal

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



https://fedoraproject.org/wiki/Changes/PARSEC

== Summary ==
PARSEC is the Platform AbstRaction for SECurity, an open-source
initiative to provide a common API to hardware security and
cryptographic services in a platform-agnostic way. This abstraction
layer keeps workloads decoupled from physical platform details,
enabling cloud-native delivery flows within the data center and at the
edge.
>From a hardware perspective the PARSEC daemon can currerntly use a
TPM2, HSM or an Arm TrustZone secure world application.

== Owner ==
* Name: [[User:pbrobinson| Peter Robinson]], [[User:puiterwijk |
Patrick Uiterwijk]]
* Email: [mailto:pbrobinson@xxxxxxxxx| pbrobinson@xxxxxxxxx],
[mailto:patrick@xxxxxxxxxxxxxx | patrick@xxxxxxxxxxxxxx]


== Detailed Description ==

PARSEC (Platform AbstRaction for SECurity) is an initiative started
out of Arm to provide a straight forward API for accessing secure
credentials stored in hardware. It's a sandbox project in the CNCF.

== Benefit to Fedora ==

PARSEC is a useful technology for Fedora because making HW security
technologies appear seemless to applications and users helps make
security more straight forward and secure overall. It's a relative new
initiative and having it available in Fedora for people to start to
integrate into their applications helps make Fedora a leader in
security in particular for Internet of Things and Device Edge. The IoT
Edition will be using PARSEC.

== Scope ==
* Proposal owners:
** Package the PARSEC daemon, libraries and language bindings.

* Other developers:
** No impact but developers may wish to add support for PARSEC to
their application.

* Release engineering: [https://pagure.io/releng/issue/9583 #9583]
* Policies and guidelines: N/A (not a System Wide Change)
* Trademark approval: N/A (not needed for this Change)

== Upgrade/compatibility impact ==
This is net new to Fedora so there is no upgrade issues.

== How To Test ==

There's a number of hardware options for testing. Any device with a
TPM2 including most modern laptops.

There will be selection of Arm devices available (final models still
TBD) with the appropriate firmware running the TrustZone secure world
application.

A VM with a swTPM, while not secure, will enable testing.

A number of HW security modules, exact devices still TBD.

== User Experience ==
There will be a new daemon start in the early boot process for those
that install the PARSEC stack. Fedora IoT Edition will install and
start this by default.

The Red Hat Device Edge team and Arm are working on a demo application
for IoT to provide a demonstration application on the technology.

== Dependencies ==
N/A (not a System Wide Change)

== Contingency Plan ==
* Contingency mechanism: Most of the work here is packaging so if it
doesn't make the release it would be available as an installable
update.
* Contingency deadline: N/A (not a System Wide Change)
* Blocks release? No.
* Blocks product? No.

== Documentation ==
N/A (not a System Wide Change)

== Release Notes ==

-- 
Ben Cotton
He / Him / His
Senior Program Manager, Fedora & CentOS Stream
Red Hat
TZ=America/Indiana/Indianapolis
_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx




[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Users]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]

  Powered by Linux