Proposed F19 Feature: OpenAttestation
Bill Nottingham
notting at redhat.com
Mon Jan 28 19:44:11 UTC 2013
Jaroslav Reznik (jreznik at redhat.com) said:
> = Features/OpenAttestation =
> https://fedoraproject.org/wiki/Features/OpenAttestation
>
> Feature owner(s): Gang Wei <gang.wei at intel.com>
>
> Provide fedora packages for OpenAttestation to support Trusted Compute
> Pools(TCP) feature in OpenStack since Folsom release & in future oVirt
> releases.
Wow, TCP is a horribly unfortunate acronym collision.
> == Detailed description ==
> This feature would include mostly packaging OpenAttestation project for
> fedora.
>
> * the source package will be named oat
> * the binary packages will include oat-appraiser & oat-client
If you're attempting to create a framework that attests the integrity
of systems for use by 'trusted' software, it would (in theory) only be as
secure as its weakest link. Given that... PHP?
How does it intend to attest the OS in a rapidly updating Fedora environment?
Just the kernel + initramfs? An image-based checksum such as what is used in
ChromeOS?
Bill
More information about the devel
mailing list