* One Thousand Gnomes: >> For the Chrome OS use-case, it might be better described as "untrusted >> userspace", but that seems unfriendly. :) The "trusted kernel" name >> seems fine to me. > > Trusted is rather misleading. It's not trusted, it's *measured*. I don't think anyone is doing any measurement. In particular, the kernel does not know anything about the history of the boot process and cannot provide any form of attestation. This is why this feature is not very useful to end users. -- To unsubscribe from this list: send the line "unsubscribe linux-efi" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
