Re: [tboot-devel] readme on tboot

2019-01-15 Thread Rich Persaud
> On Jan 11, 2019, at 11:42, Mat wrote: > > Can anyone else explain in simple words the difference between Secure boot > and Trusted boot. UEFI Secure Boot has roots in the Microsoft PC ecosystem, it was later adapted to Linux, see Matthew Garrett's blog: http://mjg59.dreamwidth.org/9844.html

Re: [tboot-devel] readme on tboot

2019-01-11 Thread Mat
Can anyone else explain in simple words the difference between Secure boot and Trusted boot. Thank you Greg for your continued elaboration. On Thu, Jan 10, 2019 at 6:28 PM Dr. Greg wrote: > On Tue, Jan 08, 2019 at 03:02:32PM -0800, Mat wrote: > > Good evening, I hope the week has gone well. > >

Re: [tboot-devel] readme on tboot

2019-01-10 Thread Dr. Greg
On Tue, Jan 08, 2019 at 03:02:32PM -0800, Mat wrote: Good evening, I hope the week has gone well. > There are firmware based secure boot using fTPM secure partitioning and > more. > > Some chipset vendors also support secure boot natively. If you are talking fTPM I assume you are referring to AR

Re: [tboot-devel] readme on tboot

2019-01-08 Thread Mat
There are firmware based secure boot using fTPM secure partitioning and more. Some chipset vendors also support secure boot natively. 1. Is there a cpu architecture-neutral way to implement secure/trusted boot. 2. Assuming an internet facing router(without secure/trusted boot) is hardened enough

Re: [tboot-devel] readme on tboot

2019-01-08 Thread Dr. Greg
On Mon, Jan 07, 2019 at 09:25:55PM -0800, Mat wrote: Good day again. > So, what is the criterion to implement Secure boot or Trusted boot. > Where are the instructions to implement either? What are some > minimum pre-requisites on existing Router (say) to implement either. As I noted in my prev

Re: [tboot-devel] readme on tboot

2019-01-07 Thread Mat
So, what is the criterion to implement Secure boot or Trusted boot. Where are the instructions to implement either? What are some minimum pre-requisites on existing Router (say) to implement either. On Mon, Jan 7, 2019 at 1:54 AM Dr. Greg wrote: > On Sat, Jan 05, 2019 at 07:22:36PM -0800, Mat wr

Re: [tboot-devel] readme on tboot

2019-01-07 Thread Dr. Greg
On Sat, Jan 05, 2019 at 07:22:36PM -0800, Mat wrote: Good morning, I hope the week is starting well for everyone. > How would a device vendor use tboot to implement secure/trusted boot > on their networking devices like routers and switches? > > If someone can also clarify diff between secure boo

[tboot-devel] readme on tboot

2019-01-05 Thread Mat
How would a device vendor use tboot to implement secure/trusted boot on their networking devices like routers and switches? If someone can also clarify diff between secure boot and trusted boot, when to use what. -c ___ tboot-devel mailing list tboot-dev