Trusted Boot in Fedora

Gregory Maxwell gmaxwell at
Fri Jun 24 08:24:27 UTC 2011

On Fri, Jun 24, 2011 at 4:07 AM, Rahul Sundaram <metherid at> wrote:
> If you have *specific* concerns,  let's hear those.  You seem to just
> quoting parts of a public wiki page anyone can read.  I don't see the
> point of that

If trusted boot in fedora is widely deployed, then $random_things may
demand I use a particular fedora kernel in order to access them.  Both
handcapping my personal freedom to tinker with my own computer by
imposing new costs on it, and hampering the Fedora project by creating
additional friction against upgrades.
("Sorry, I can't upgrade to the new kernel to test that, because then
I won't be able to watch netflicks!")

In cases where remote attestation is especially important for
legitimate purposes then it would be completely acceptable to require
the user to enable it. Making it work by default will encourage the
use of the functionality in places where it is not important, because
the community of tinkerers and innovators is simply small enough to

Is that the world we want to live in?  Why should our project
contribute to that world's creation?

I think the wide (e.g. by default) deployment of remote attestation
undermines the Fedora foundational value of freedom and will inhibit
the innovation which is central to the project's mission. Accordingly,
support for remote attestation in the default install should be
explicitly and categorically rejected with the same vigor, and many of
the same reasons, that the project rejects proprietary software which
it could lawfully distribute.

More information about the devel mailing list