Hi,
we have some rudimentary support for Clevis in the Cockpit Web Console,
and now the question is, should we add support for "tpm2" to that?
As I understand it, there is a lot of evolving OS specific subtlety
involved, so I am asking specifically how this would look on current
Fedora and what to expect in the near future.
Here is the discussion that prompted my question:
https://github.com/cockpit-project/cockpit/issues/14313[1]
In most concrete terms: Which PCRs should we use on which version of
Fedora? ("None" is a totally nice answer.)
I don't think we can let the user enter the PCR numbers, that requires
way to much intimate knowledge of the current state of support for
secure boot of their OS. I.e., the best way I have to answer that for
myself is to ask here.
The user needs to be shielded from that knowledge, I'd say, and ideally
clevis would already shield me from it, but I am happy to do it in
Cockpit.
Thanks!
_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
