Wei, Gang (gang....@intel.com) said: > > If you're attempting to create a framework that attests the integrity > > of systems for use by 'trusted' software, it would (in theory) only be as > > secure as its weakest link. Given that... PHP? > > I am not sure whether PHP is the weakest link, but the integrity checking > done > by OpenAttestation is to ensure the system is running the expected software > like BIOS/OS/etc. As to whether the expected software is secure enough it is > another story. > > > How does it intend to attest the OS in a rapidly updating Fedora > > environment? Just the kernel + initramfs? An image-based checksum such > > as what is used in ChromeOS? > > By far, just kernel + initramfs. Every time the kernel/initramfs got updated, > the Know Good Value in OpenAttestation Server should be updated to take new > kernel/initramfs as "trusted" one.
Hm, I guess that's OK as far as the feature goes, but that doesn't give me a lot of good feelings about the level of trust to ascribe to the OS that's being booted by that kernel & initramfs. Bill -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel