On Jun 25, 2007, at 7:23 PM, Matt Johnston wrote:
On Mon, Jun 25, 2007 at 04:42:56PM +1200, David G. Koontz wrote:
Apple (mis)uses
TPM to unsuccessfully prevent OS X from running on non-Apple
Hardware.
All Apple on Intel machines have TPM, that's what 6 percent of new
PCs?
To nit pick,
At 3:26 PM -0500 6/26/07, Nicolas Williams wrote:
I strongly dislike the WG's name. Suffice it to say that it was not my
idea :); it created a lot of controversy at the time, though perhaps
that controversy helped sell the idea ("why would you want this silly,
insecure stuff?" "because it enable
On Tue, Jun 26, 2007 at 01:20:41PM -0700, Paul Hoffman wrote:
> >For all the other aspects of BTNS (IPsec connection latching [and
> >channel binding], IPsec APIs, leap-of-faith IPsec) agreeing on a
> >globally shared secret does not come close to being sufficient.
>
> Fully agree. BTNS will defin
At 2:49 PM -0500 6/26/07, Nicolas Williams wrote:
On Fri, Jun 22, 2007 at 10:43:16AM -0700, Paul Hoffman wrote:
> This was discussed many times, and always rejected as "not good
enough" by the purists. Then the IETF created the BTNS Working Group
which is spending huge amounts of time getting
On Fri, Jun 22, 2007 at 10:43:16AM -0700, Paul Hoffman wrote:
> Note that that RFC is Informational only. There were a bunch of
> perceived issues with it, although I think they were more purity
> disagreements than anything.
>
> FWIW, if you do *not* care about man-in-the-middle attacks (called
On 06/25/2007 08:23 PM, Greg Troxel wrote:
> 1) Do you believe the physics? (Most people who know physics seem to.)
Well, I do happen to know a thing or two about physics. I know
-- there is quite a lot you can do with quantum physics, and
-- there is quite a lot you cannot do with quantum
On Mon, Jun 25, 2007 at 08:23:14PM -0400, Greg Troxel wrote:
> Victor Duchovni <[EMAIL PROTECTED]> writes:
> > Secure in what sense? Did I miss reading about the part of QKD that
> > addresses MITM (just as plausible IMHO with fixed circuits as passive
> > eavesdropping)?
>
> It would be good to r
On 6/26/07, Sandy Harris <[EMAIL PROTECTED]> wrote:
It is certainly a problem, but you can get around it partially even if your IP
address is dynamically assigned:
http://www.freeswan.org/freeswan_trees/freeswan-2.00/doc/quickstart.html#opp.client
You do need to use a dynamic DNS server to hand
On Mon, Jun 25, 2007 at 08:23:14PM -0400, Greg Troxel wrote:
> 1) Do you believe the physics? (Most people who know physics seem to.)
Yes.
> 2) Does the equipment in your lab correspond to the idealized models
> with which the proofs for (1) were done. (Not even close.)
Does QKD address
On Fri, Jun 22, 2007 at 08:21:25PM -0400, Leichter, Jerry wrote:
> BTW, on the quantum subway tokens business: In more modern terms,
> what this was providing was unlinkable, untraceable e-coins which
> could be spent exactly once, with *no* central database to check
> against and none of this "we
On Mon, 25 Jun 2007, Hal Finney wrote:
> The idea of putting a TPM on a smart card or other removable device is
> even more questionable from this perspective. A TPM which communicates
> via an easily accessible and tamperable bus is almost useless for the
> security concepts behind the Trusted Co
On 6/23/07, Eugen Leitl <[EMAIL PROTECTED]> wrote:
> The general idea is that if you use keys in DNS to authenticate gateways
Aye, that's the rub. Most hosts are in dynamic address space,
and anything involving DNS will not fly.
It is certainly a problem, but you can get around it partially e
David G. Koontz wrote:
>
> I picked on one motherboard, a Gigabyte GA-P3-DQ6 which has the 20 pin
> header for the IEI TPM pluggable. After an extensive investigation I
> found no direct evidence you can actually do as Peter states and roll
> your own building a TPM enabled system. That includes
On 26 June 2007 00:51, Ian Farquhar (ifarquha) wrote:
>> It seems odd for the TPM of all devices to be put on a pluggable module as
>> shown here. The whole point of the chip is to be bound tightly to the
>> motherboard and to observe the boot and initial program load sequence.
>
> Maybe I am sh
Ian Farquhar writes:
> [Hal Finney wrote:]
> > It seems odd for the TPM of all devices to be put on a pluggable module as
> > shown here. The whole point of the chip is to be bound tightly to the
> > motherboard and to observe the boot and initial program load sequence.
>
> Maybe I am showing my
Peter Gutmann wrote:
> "David G. Koontz" <[EMAIL PROTECTED]> writes:
>
>> There are third party TPM modules, which could allow some degree of
>> standardization:
>
> As I said in my previous message, just because they exist doesn't mean they'll
> do anything if you plug them into a MB with the ne
Victor Duchovni <[EMAIL PROTECTED]> writes:
> Secure in what sense? Did I miss reading about the part of QKD that
> addresses MITM (just as plausible IMHO with fixed circuits as passive
> eavesdropping)?
It would be good to read the QKD literature before claiming that QKD is
always unauthenticat
[EMAIL PROTECTED] ("Hal Finney") writes:
>The idea of putting a TPM on a smart card or other removable device is even
>more questionable from this perspective.
It's not just questionable, it's a really, really bad idea. TPMs are
fundamentally just severely feature-crippled smart cards. That is,
18 matches
Mail list logo
