On Thu, May 31, 2007 at 12:45:10PM +0200, Patrick Georgi wrote: > As far as I know, this mechanism doesn't prevent you from creating > another root. (or just deleting the old one)
No, but it stablishes a practice that it is ok to use someone else's root. When everyone starts doing this (and they WILL do this since someone else will take the decision for them), that practice will become standard, then I am being labeled as "not clear" by omission if I insist in using my own root instead of someone else's. An example: if a website requires that you must use Internet Explorer to view it, and uses a TPM scheme to get clients to prove they're using IE, there's nothing I can do to visit this website, other than using IE. Before Treacherous Computing, such kind of lockdown was impossible to accomplish. I don't deny that this technology could be oriented towards legitimate uses, becoming Trusted Computing rather than Treacherous. But this may only come when everyone stops the pretension that a TPM system that can be used with someone else's root and doesn't provide any backdoor for owner with physical access is indeed agnostic about good and evil. We'll see that when they start selling preconfigured TPMs where root belongs to a mallicious 3rd party (if they aren't doing that already). -- Robert Millan My spam trap is [EMAIL PROTECTED] Note: this address is only intended for spam harvesters. Writing to it will get you added to my black list. _______________________________________________ Grub-devel mailing list Grub-devel@gnu.org http://lists.gnu.org/mailman/listinfo/grub-devel