*countable infinities only
przemek.klosowski at nist.gov
Thu Jun 14 21:28:34 UTC 2012
On 06/14/2012 04:52 PM, Jay Sulzberger wrote:
> ad inability to manage keeping the private half of the Fedora key
> private: This is absurd. I will be happy to explain methods
> which, if Red Hat wanted, would meet all statutory, and real
> security, and even all anti-FUD compliance, requirements. This
> claimed inability is not reasonable. Why? Because your position
> implies that you trust Microsoft and the hardware vendor more
> than you trust yourselves in this.
I should know better than to wade into this discussion but I couldn't resist.
I will try to stay away from the large scale argument, and limit myself
to simple observations. In this case, I believe that you significantly
underestimate the complexity of running a certificate authority. It's
not just a matter of keeping the private key private.
The whole point of being an authority is to issue proper certificates,
and to do that meaningfully you have to vet applicants, keep track of
valid and invalid certs, handle the renewals and revocations. In fact, I
suspect that the actual cost of doing it properly far exceeds the
$99/cert, and that in fact instead of Fedora paying Microsoft, MS will
be subsidizing Fedora at these prices.
> ad your answer to 2: I cannot this afternoon think of a way of
> making clear to you what you say.
Actually, throughout this discussion, I had the impression that you are
the one that isn't articulating your position clearly. I think that your
main concern is that the SecureBoot is the camel's nose under the tent,
a first step towards a comprehensive signed environment where only
'approved' code can run, all the way from firmware to kernel to user
programs---not because of security but to ensure control of digital
content by large publishers. That's why you keep bringing up DRM and
I personally share your long-term concern, and thank you for your
advocacy on this issue. At the same time, I think that SecureBoot is a
valid security technology; just like we sign RPM packages and prevent
installation of unsigned software, it makes sense to me to have
technical means of preventing running system software of unknown
provenance. As long as there is end user control (off switch, and
installation of third-party keys), it does not inexorably lead to the
> Note that Microsoft, in combination the hardware vendors,
> succeeded in the last few years, in removing just about GNU/Linux
> system from "netbooks". Some years ago many netbooks were
> shipped with GNU/Linux, but Microsoft put an end to this.
The fact that Linux on netbooks did not become a worldwide success
has very little to do with MS machinations. For one thing, the Linux
offerings were not that good ('eee' is just about right), and for
another, the world has moved away from netbooks. Linux moved on, found a
sweet spot in Android, and trounced MS on tablets/smartphones.