On Mon, Nov 05, 2012 at 09:20:17AM +0100, James Bottomley wrote: > On Sun, 2012-11-04 at 13:52 +0000, Matthew Garrett wrote: > > You don't get to punt on making the kernel secure by simply asserting > > that some other system can be secure instead. The chain of trust needs > > to go all the way back - if your security model is based on all installs > > needing a physically present end user, all installs need a physically > > present end user. That's not acceptable, so we need a different security > > model. > > I didn't. I advocated a simple security model which you asserted > wouldn't allow unattended installs, so I explained how they could be > done.
You've explained that a hypothetical piece of software could handle key provisioning without providing any explanation for how it would be able to do so in a secure manner. -- Matthew Garrett | mj...@srcf.ucam.org -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
