On Mon, 9 Sep 2019, Mimi Zohar wrote: > The remote attestation server could gate any service based on the > certificate signer. The first gated service, based on this feature, > will probably be network access (eg. TNC). If/when this feature is > upstreamed, every company, including financial institutes, > organizations, and governments will become THE certificate signer for > their organization, in order to limit access to their network and > systems. This is already happening at scale, and a primary use-case for the patchset. > Once that happens, how long will it be until the same > feature will be abused and used to limit the individual's ability to > pick and choose which applications may run on their systems.[1] Isn't this already happening (in a non-abusive way) with mobile devices? > Mimi > > [1] Refer to Richard Stallman's last paragraph https://www.gnu.org/phi > losophy/can-you-trust.en.html Please consider if you really want to be endorsing this individual. -- James Morris <jmorris@xxxxxxxxx>
