On Sat, Feb 21, 2009 at 03:20:39PM +0100, Jan Alsenz wrote:
> >
> > "remote attestation" is only useful when you want to coerce others into
> > running your (generally proprietary) software. I hope this is not what you
> > want to do.
> Yes, this is exactly what he tries to do: convince his keyserver that the
> requesting server runs what it's supposed to.
>
> Which is exactly remote attestation, just in this case he controls both sides,
> which I think makes it an interesting use of the technology.

That would be like trying to rob yourself by threatening yourself with a gun,
instead of simply drawing money from your wallet.

If you just want to ensure no one is tampering with your box, simply make your
box tamper-proof. You don't need a protocol to allow third parties to check
anything.

> > This is unnecessary. Once GRUB supports crypto, it can simply load
> > itself from an encrypted filesystem on disk. An image can be of
> > arbitrary size.
> Ok, but where does it get the key from?

The public key (or just a hash) can be embedded in GRUB itself. In the
instance of GRUB that goes to the flash chip, that is.

> And how can wherever the key comes from be sure that it's talking to GRUB?

Because you put it there, and made sure no one can overwrite it afterwards.

-- 
Robert Millan

  The DRM opt-in fallacy: "Your data belongs to us. We will decide when (and
  how) you may access your data; but nobody's threatening your freedom: we
  still allow you to remove your data and not access it at all."