On Wed, Aug 19, 2009 at 9:53 PM, Michael Gorven<mich...@gorven.za.net> wrote: > On Wed, Aug 19, 2009 at 04:01:39PM +0200, Robert Millan wrote: >> >> Can you give a reason not to provide the owner with any of: >> >> - A printed copy of the private key corresponding to the chip he paid >> for. > > Not really, although not having any trace of the private key reduces the > chance of it being stolen. I find this point kind of moot though because the > chip can be reset completely -- you don't need the private key. > burn it if you want so >> - A button in the back of the chip that disables "hostile mode" and makes >> it sign everything that was asked for (so-called "owner override") > > Because that would not make it secure from physical access. > there are ways to securily disable the button if it's needed.
-- Regards Vladimir 'phcoder' Serbinenko Personal git repository: http://repo.or.cz/w/grub2/phcoder.git _______________________________________________ Grub-devel mailing list Grub-devel@gnu.org http://lists.gnu.org/mailman/listinfo/grub-devel