Implementing UEFI Secure Boot in Fedora
Posted May 31, 2012 17:00 UTC (Thu) by dgm (subscriber, #49227)
Posted May 31, 2012 22:24 UTC (Thu) by ncm (subscriber, #165)
Posted May 31, 2012 23:53 UTC (Thu) by dgm (subscriber, #49227)
Posted Jun 1, 2012 12:06 UTC (Fri) by pjones (guest, #31722)
Posted May 31, 2012 17:34 UTC (Thu) by butlerm (subscriber, #13312)
The first alternative that comes to mind is a hardware manufacturers association like the PCI-SIG. The IEEE sounds like a reasonable possibility as well. Another option might be to have a centralized body carry only a list of keys that "every" device should carry, and have the actual signing be done by independent key signing authorities like Verisign. Decide on a realistic number of standard authoritative keys (a dozen perhaps) and let KSAs bid for the privilege of providing one of them.
Of course it would be nice to have a trusted non-profit KSA, provided one could come up with the necessary resources to operate one. If a sufficient number of vendors agreed, they could form a non-profit KSA and dispense with the need for independent for-profit KSAs to do the job instead. Either way, some independent organization needs to be in charge of the list of keys to be installed on essentially every device.
Posted May 31, 2012 21:00 UTC (Thu) by bronson (subscriber, #4806)
Posted May 31, 2012 22:24 UTC (Thu) by butlerm (subscriber, #13312)
However, as of today, there probably isn't a single independent organization that is set up to run an operation like this. So the vendors that care are likely to have to either establish a new non-profit key signing authority, persuade an existing non-profit like the Apache Foundation to take on the job (with the appropriate contributions of time and resources), or establish a private for-profit key signing model where multiple independent, for-profit KSAs (think Verisign) have the ability to validate and sign binaries on a fee-for-service basis.
As it stands, from a multi-vendor point of view, it is unbelievable how poorly this was thought out. It is so bad that the whole scheme could probably be shut down on anti-trust grounds alone. It is a de facto conspiracy in restraint of trade.
Posted Jun 1, 2012 0:12 UTC (Fri) by paravoid (subscriber, #32869)
Posted Jun 1, 2012 17:52 UTC (Fri) by dashesy (subscriber, #74652)
Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds