*countable infinities only

Jay Sulzberger jays at panix.com
Thu Jun 14 19:03:17 UTC 2012 

On Thu, 14 Jun 2012, Peter Jones <pjones at redhat.com> wrote:

> On 06/14/2012 01:56 PM, Jay Sulzberger wrote:
>
>> If Fedora appears to accept that Microsoft should have the
>> Hardware Root Key, our side's arguments, in several arenas, are
>> weakened.
>
> Okay, first off, quit hijacking fedora-devel-list for your unrelated DMCA
> stuff. It's entirely the wrong place for that.

No.  You intend to grant to Microsoft the power to impede
installation of Fedora.  The DMCA can today be used to threaten
those who go around the impediment with jail time.

My posts argue that Fedora should neither accept, nor seem to
accept, Microsoft's having the Hardware Root Key.  One reason not
to seem to accept Microsoft's having the Hardware Root Key is
that, when arguing for Examption 4, the Englobulators will answer
"Well, there is really no issue here.  Why, Fedora accepts that
it is right and proper that Microsoft have the Hardware Root
Key.".

>
> Aside from that, you've still got the facts wrong.  What you call the
> "Hardware Root Key" the specification calls the "Platform Key" or "PK". PK
> serves a couple of functions - it is the ultimate arbiter of what can and
> can't add keys to the system, and it is the determining factor as to whether
> the Secure Boot feature is enabled.  PK will probably not ever be Microsoft's
> key on any system. It'll be a unique to each hardware vendor, or possibly
> even unique to various business units within a hardware vendor, or anything
> else they happen to choose. It's completely their decision as to how they
> ship this, and nothing we can do will ever change that.

The specification's words are carefully designed to mislead.  As
pointed out, if Microsoft has the Hardware Root Key, then
"SecureBoot" is not a method of securely booting the hardware you
own.

You agree that the key in question is the Hardware Root Key.  You
just wrote:

> [the PK] is the ultimate arbiter of what can and can't add keys
> to the system, and it is the determining factor as to whether
> the Secure Boot feature is enabled.
>
> The contents of PK are not and have not ever been the question in this 
> thread.

Yes, of course, who has the Hardware Root Key is the issue here.

If there is no issue as to who has the Hardware Root Key, why do
you propose having Microsoft sign a Fedora key which allows for
more convenient installation of Fedora?  If there is no issue,
Microsoft is not involved.  But Microsoft is involved.

>
> P.S. - It looks really strange when you namedrop yourself in your own email.
> It's like referring to yourself in the third person, squared.
> --
>        Peter

Thanks, Peter, for responding.

I hope we may soon sit down together with food and drink before
us and discuss rhetoric.

oo--JS.

More information about the devel mailing list