| David Wagner writes:
|
| To see why, let's go back to the beginning, and look at the threat
| model. If multiple people are doing shared development on a central
| machine, that machine must have an owner -- let's call him Linus. Now
| ask yourself: Do those developers trust Linus?
|
|
Jerrold Leichter wrote:
All of this is fine as long as there is a one-to-one association between
machines and owners of those machines. Consider the example I gave
earlier: A shared machine containing the standard distribution of the
trusted computing software. All the members of the group
David Wagner writes:
So it seems that third-party-directed remote attestation is really where
the controversy is. Owner-directed remote attestation doesn't have these
policy tradeoffs.
Finally, I'll come back to the topic you raised by noting that your
example application is one that could
| Rick Wash wrote:
| There are many legitimate uses of remote attestation that I would like to
| see. For example, as a sysadmin, I'd love to be able to verify that my
| servers are running the appropriate software before I trust them to access
| my files for me. Remote attestation is a good
On Tue, 23 Dec 2003, Seth David Schoen wrote:
When attestation is used, it likely will be passed in a service like
HTTP, but in a documented way (for example, using a protocol based on
XML-RPC). There isn't really any security benefit obtained by hiding
the content of the attestation _from the
Antonomasia writes:
From: Carl Ellison [EMAIL PROTECTED]
Some TPM-machines will be owned by people who decide to do what I
suggested: install a personal firewall that prevents remote attestation.
How confident are you this will be possible? Why do you think the
remote attestation
On Sun, Dec 21, 2003 at 08:55:16PM -0800, Carl Ellison wrote:
IBM has started rolling out machines that have a TPM installed.
[snip ...]
Then again, TPMs cost money and I don't know any private individuals who are
willing to pay extra for a machine with one. Given that, it is unlikely
At 03:03 PM 12/21/2003 -0800, Seth David Schoen wrote:
Some people may have read things like this and mistakenly thought that
this would not be an opt-in process. (There is some language about
how the user's platform takes various actions and then responds to
challenges, and perhaps people
From: Carl Ellison [EMAIL PROTECTED]
Some TPM-machines will be owned by people who decide to do what I
suggested: install a personal firewall that prevents remote attestation.
How confident are you this will be possible? Why do you think the
remote attestation traffic won't be passed
Carl Ellison wrote:
We see here a difference between your and my sides of the Atlantic. Here in
the US, almost no one has a smart card.
Of those cards you carry, how many are capable of doing public key
operations? A simple memory smartcard doesn't count for what we were
talking about.
I don't
Message-
From: Seth David Schoen [mailto:[EMAIL PROTECTED] On Behalf Of
Seth David Schoen
Sent: Sunday, December 21, 2003 3:03 PM
To: Carl Ellison
Cc: 'Stefan Lucks'; [EMAIL PROTECTED]
Subject: Re: Difference between TCPA-Hardware and a smart
card (was: example: secure computing kernel
Stefan Lucks [EMAIL PROTECTED] writes:
Currently, I have three smart cards in my wallet, which I did not want to own
and which I did never pay for. I never used any of them.
Conversation from a few years ago, about multifunction smart cards:
- Multifunction smart cards are great, because
Carl Ellison wrote:
It is an advantage for a TCPA-equipped platform, IMHO. Smart cards cost
money. Therefore, I am likely to have at most 1.
If I glance quickly through my wallet, I find 7 smartcards (all credit
cards). Plus the one in my phone makes 8. So, run that at most 1
argument past me
|
+---Officer, arrest that man. He's whistling a copyrighted song.---+
-Original Message-
From: Ben Laurie [mailto:[EMAIL PROTECTED]
Sent: Friday, December 19, 2003 2:42 AM
To: Carl Ellison
Cc: 'Stefan Lucks'; [EMAIL PROTECTED]
Subject: Re: Difference between TCPA-Hardware and a smart
card
TCPA-Hardware and a smart
card (was: example: secure computing kernel needed)
On Mon, 15 Dec 2003, Carl Ellison wrote:
The point is that Your system is not supposed to prevent You
from doing
anything I want you not to do! TCPA is supposed to lock You
out of some
parts of Your system
On Mon, 15 Dec 2003 19:02:06 -0500 (EST)
Jerrold Leichter [EMAIL PROTECTED] wrote:
However, this advantage is there only because there are so few smart cards,
and so few smart card enabled applications, around.
It is not really true that there are so few smartcards. Almost every
mobile phone
At 10:51 AM 12/16/2003 +0100, Stefan Lucks wrote:
I agree with you: A good compromise between security and convenience is an
issue, when you are changing between different smart cards. E.g., I could
imagine using the smart card *once* when logging into my bank account,
and then only needing it,
At 07:02 PM 12/15/2003 -0500, Jerrold Leichter wrote:
However, this advantage is there only because there are so few smart cards,
and so few smart card enabled applications, around.
A software only, networked smart card would solve the
chicken and egg problem. One such solution is
Tamper resistant
On Mon, 15 Dec 2003, Jerrold Leichter wrote:
| This is quite an advantage of smart cards.
However, this advantage is there only because there are so few smart cards,
and so few smart card enabled applications, around.
Strangely enough, Carl Ellison assumed that you would have at most one
| Which brings up the interesting question: Just why are the reactions to
| TCPA so strong? Is it because MS - who no one wants to trust - is
| involved? Is it just the pervasiveness: Not everyone has a smart card,
| but if TCPA wins out, everyone will have this lump inside of their
|
20 matches