Re: A _good_ and valid use for TPM

[Jan Alsenz]

I agree too!

Multiple methods are interesting and everything that can be, should be placed in
 modules.
But some parts of a trusted boot chain need to be in the MBR, etc. which is
mainline code (regardless of how how you build it).

The way I have implemented my version of the MBR right now is with compile 
flags:
If you don't want/need TPM code it won't be on your system! If you compile it
with TPM support, it won't boot if there is no TPM (I don't like silent 
failures).

Greets,

Jan


Michael Gorven schrieb:
> On Friday 20 February 2009 13:27:28 phcoder wrote:
>> Free software is about freedom of choice. I think we should have
>> possibility to have multiple authentication and key sources. Then one
>> could e.g. not save password as md5 somewhere in configfile or embedded
>> in module but check that this password opens luks. Or that it's a
>> password of somebody in wheel group basing on /etc/passwd, /etc/shadow
>> and /etc/group. In this case tpm-keyretrieve module may be developed
>> outside of main trunk and if someone wants it he can download it
> 
> Yes, I agree that there should be multiple methods, but I don't see why the 
> TPM module shouldn't be in the main trunk. It wouldn't be forced on GRUB 
> users in any way -- we would just be giving them the option to use it. They 
> would have to explicitly enable and set it up. As Jan said, the TPM is a 
> passive device which can be used in any way we wish, and I don't see why 
> using some of its features to create a more secure system is wrong.
> 
> Regards
> Michael

signature.asc
Description: OpenPGP digital signature