Internal Use - Confidential
> -----Original Message-----
> From: Dr. G.W. Wettstein <g...@wind.enjellic.com>
> Sent: Wednesday, December 1, 2021 08:53
> To: Randzio, Pawel; tboot-change...@lists.sourceforge.net; tboot-
> de...@lists.sourceforge.net
> Subject: Re: [tboot-devel] [ANNOUNCEMENT] PCR Extended Policy - planned
> DEFEATURING
>
>
> [EXTERNAL EMAIL]
>
> On Dec 1, 9:04am, "Randzio, Pawel" wrote:
> } Subject: [tboot-devel] [ANNOUNCEMENT] PCR Extended Policy - planned
> DEFEAT
>
> > Hello,
>
> Good morning, I hope this note finds the day, or evening, going well for
> everyone.
>
> > I would like to inform you that there are plans to defeature TBOOT
> > extpol option and fix it to current default.
> >
> > The change affects TPM2.0 PCR Extended Policy Support. It has two options:
> >
> > * "Maximum Agility" - hashes computed using TPM2.0
> > * "Maximum Performance" - hashes computed using software, no TPM
> usage
> >
> > We want to defeature the "Maximum Agility" option and leave only
> "Maximum Performance" (current default).
Why would you not just switch the default and leave the Agility as an option?
> >
> > If you have any objections, please inform me.
>
> No objections but we would be interested in understanding the root rationale
> for the change.
I'm also interested in the rationale. The change of default I can understand. I
think that
most people using tboot use the "extpol" option. I don't understand completely
removing agility as an option.
_______________________________________________
tboot-devel mailing list
tboot-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/tboot-devel