Krishna Sankar (ksankar) wrote:
> The signed code paradigm is being used by Microsoft, Java et al.

Signed code works, but that's sort of beside the point. In this case, what's in question is a particular and rather unusual implementation thereof, and I wanted to get a bunch of eyeballs on the unusual bits to make sure I didn't miss something.

> Embedding an OLPC public key in the bios for bootstrapping is fine.
> We need to make sure, it is protected properly

I don't know what you mean by 'protected properly'. The key is public, so it's available for download on the Internet. Protection against the BIOS being maliciously overwritten is the whole point of the scheme; the public keys just get a free ride because they live within the LB payload.

> unique MAC address

I will almost certainly make the MACs unusable for identifying the machines. See e.g. RFC 3041. More details to be provided in the spec.

> But, want to caution that either the
> key or the serial number or the MAC address can be spoofed (under
> proper conditions) and so we should make sure, we do not put *undue*
> trust in any of these artifacts.

There's no trust being put into either one.

--
Ivan Krstić <[EMAIL PROTECTED]> | GPG: 0x147C722D
