From mboxrd@z Thu Jan  1 00:00:00 1970
Message-ID: <4FDAF42E.9010304@binarywings.net>
Date: Fri, 15 Jun 2012 10:37:02 +0200
From: Florian Philipp <lists@binarywings.net>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:10.0.4) Gecko/20120602 Thunderbird/10.0.4
Precedence: bulk
List-Post: <mailto:gentoo-dev@lists.gentoo.org>
List-Help: <mailto:gentoo-dev+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-dev+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-dev+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-dev.gentoo.org>
X-BeenThere: gentoo-dev@lists.gentoo.org
Reply-to: gentoo-dev@lists.gentoo.org
MIME-Version: 1.0
To: gentoo-dev@lists.gentoo.org
Subject: Re: [gentoo-dev] UEFI secure boot and Gentoo
References: <20120615042810.GA9480@kroah.com> <CAO38tUqNiPif=+o_08gZ2LLg+HgWU=as1OS9NPaHpDr3wM2udQ@mail.gmail.com> <CAB9SyzSV_rY4u43gO4hsNynz7KbF5kOT+7k8++BPNrg4b1zVMg@mail.gmail.com> <CAO38tUo2=e_kVF3mYnTSDgGCS5bBBQvojexHeSiSy-nNr2SwTQ@mail.gmail.com> <CAB9SyzTGMLxQjhWs+y6LBhkY5PG2ZV-HS3oEqvXVr1RuP1N_cw@mail.gmail.com> <4FDAEB22.4010109@gmail.com>
In-Reply-To: <4FDAEB22.4010109@gmail.com>
X-Enigmail-Version: 1.3.5
Content-Type: multipart/signed; micalg=pgp-sha1;
 protocol="application/pgp-signature";
 boundary="------------enigB86EEC687DDE03A9ED3C916C"

This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
--------------enigB86EEC687DDE03A9ED3C916C
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

On 15.06.2012 09:58, Richard Farina wrote:
> On 06/15/2012 03:12 AM, Ben de Groot wrote:
>> On 15 June 2012 13:24, Arun Raghavan <ford_prefect@gentoo.org> wrote:
>>> On 15 June 2012 10:33, Ben de Groot <yngwin@gentoo.org> wrote:
>>>> On 15 June 2012 12:45, Arun Raghavan <ford_prefect@gentoo.org> wrote:
>>>>> On 15 June 2012 09:58, Greg KH <gregkh@gentoo.org> wrote:
>>>>>> So, anyone been thinking about this?  I have, and it's not pretty.
>>>>>>
>>>>>> Minor details like, "do we have a 'company' that can pay Microsoft to
>>>>>> sign our bootloader?" is one aspect from the non-technical side that I've
>>>>>> been wondering about.
>>>>>
>>>>> Sounds like something the Gentoo Foundation could do.
>>>>
>>>> I'm certainly not the only one who would be averse to paying Microsoft
>>>> any ransom money.
>>>
>>> And our refusal to pay for the signing affects precisely nobody except
>>> for our users, who will have to jump through an extra hoop to make
>>> their system work.
>>>
>>> On the flip side, having a simple way to use this infrastructure means
>>> that people who care about security can get a chain of trust from the
>>> firmware to the kernel (heck, maybe even userspace one day). This is
>>> something that is worth having as well.
>>
>> I agree that security is a worthwhile goal. I just don't trust Microsoft.
>>
> It's more of a "pay us or your system can't boot" that I'm opposed to.
> Saying "I just don't trust Microsoft" is second to "I just don't trust
> corporations that extort money from me just so I can boot".  I don't
> care who we are paying, I'm offended by the idea.  If users can't build
> their own fully functional boot loader that's an issue.
>
> I'm all for the signed "work-around signatures" idea as it is the least
> objectionable... if such a thing is even possible.
>
> -Zero
>

It is the most objectionable idea *I* can think of. Most importantly
because it puts the Dev who volunteers to prove his or her identity to
Verisign into a huge legal risk:

Secure Boot is designed to prevent root kits. And whether you like it or
not, it achieves this goal since it is a well designed system with few
potential flaws. That means providing signature work-arounds which
include your actual real name and other identifiable records (as they
have to contain your public key) makes you an accessory to computer crimes.

Besides, it wouldn't work long. They can blacklist keys. This isn't a
half-arsed pseudo-secure system like DVD-CSS or WEP. We cannot break it
in a 10 minute mailing list discussion. We have to play by the rules or
don't play at all. Everything else will require years or decades of
research.

Regards,
Florian Philipp


--------------enigB86EEC687DDE03A9ED3C916C--