On 12/22/22 15:39, Lennart Poettering wrote:
Well, the thing is: a chain of trust is a*chain*, hence you must ultimately hook validation to what the firmware provides you with as root. And that ultimately is the SecureBoot db on commodity hardware.
Well, the thing with a chain of trust is the fact that the only chain the user can trust is the one that he himself or the host device he owns and operates generated that trust of chain, from link 0 in that chain. ( And we all know how browsers handle self signed certificates who are no less secure than those issued )
If the user does not generate or otherwise have control over *all* the links in the trust chain, that chain cant be considered trusted now can it, which in turn begs the question why partake in this industry security theater which may brick or otherwise make the end users life more miserable or even exclude certain types of devices, if in the end of the day, the host or the end user is not "secure" for it.
Are those efforts truly for the end user or just to meet some industry/government requirements ( some governments require backdoor entrance(s) from vendors for "lawful inspection", backdoor(s) that might be implement or otherwise supported in the trust chain itself if the host or user has not full control over that chain ).
JBG _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
