Date: Sun, 22 Oct 2017 18:31:33 -0400 From: Shawn Webb <shawn.webb@hardenedbsd.org> To: Eric McCorkle <eric@metricspace.net> Cc: "freebsd-hackers@freebsd.org" <freebsd-hackers@FreeBSD.org>, freebsd-security@freebsd.org, freebsd-arch@freebsd.org Subject: Re: Trust system write-up Message-ID: <20171022223133.nkcpkhtl7s7kzgs5@mutt-hbsd> In-Reply-To: <1a9bbbf6-d975-0e77-b199-eb1ec0486c8a@metricspace.net> References: <1a9bbbf6-d975-0e77-b199-eb1ec0486c8a@metricspace.net>
next in thread | previous in thread | raw e-mail | index | archive | help
--zanh2tn2izgbdqkn Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sun, Oct 22, 2017 at 10:14:40PM +0000, Eric McCorkle wrote: > Hello everyone, >=20 > The following is a write-up of my current design for a public-key trust > system: >=20 > https://www.metricspace.net/files/freebsd_trust.pdf >=20 > Some of you are certainly familiar with some or all of this; > I've discussed parts of it before on -hackers and -security, and I > discussed it in greater detail in BoF sessions at vBSDCon. It seems > things are heating up in this direction, so I'd like to get this out > there and get discussion and feedback. >=20 > I plan on undertaking work on this in the very near future, especially > since the commit-train for GELI EFI is ready to arrive in HEAD. >=20 > A bit about the format: this is sort of the "meat" of what I hope will > be a paper some day, but it's still an initial draft. Moreover, it > talks about things I'm planning as if they exist, mainly because I don't > want to have to go back and rewrite everything in the future. In > reality, most of what I talk about is just a proposal at this point, > with a few bits being implemented as a PoC here and there. >=20 > Please read and consider the designs I've proposed. I welcome any > feedback and suggestions. I'll give it a week minimum from today before > I resume any work on this stuff. Hey Eric, Thank you so much for working on this. I do have a few questions. I'm curious about the rational behind not requiring expiration of trusted root key material. Can jails contain a different trust chain than the host? Thanks, --=20 Shawn Webb Cofounder and Security Engineer HardenedBSD GPG Key ID: 0x6A84658F52456EEE GPG Key Fingerprint: 2ABA B6BD EF6A F486 BE89 3D9E 6A84 658F 5245 6EEE --zanh2tn2izgbdqkn Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEKrq2ve9q9Ia+iT2eaoRlj1JFbu4FAlntHEIACgkQaoRlj1JF bu585g//SLA5OM7zRX/0SziOYf5ref5HARdM9T0BjmEejcLGA9ZgcwH3i0krPJXY IznjVMVlIpXcqUA5CYrNjSaaxs1h2TIS/wxVrhPrtpM8NOezZNxOT0fm8IaG624h V1E0YO+TYn2Iy3yBrzAJI+kFnJ998cvTauapAWxtvpo3AJUfDI/Lx02yEbq21U+J JJV5vvYE029on0irPWepCJdRz9hiwUCI/f9t3yXlJLae01RgJObwpU+SXgtGOx43 e/HO/za/EEgDmB7njSUyw0sw4QWm7F1VXhemClP9jq7C+yedIkExJFfE6VynRDta crR9StOctmkdnf4M/48NGmGUndRBLDrwf0b6+gmSuZTrzP4WOkYMK5bJYJPA2xx5 DbRCOpqIc+Jvr+Qfnr2mXnUKmjM+WWo/FCx/pc7eFMaNyFQpSBpBptO/syuOTvJU MAmCBdreT56Tz1uce7JH6Q3sOQ3C3HLFn4kB1F5l4kTskiZSMOykFEUmgEfz75kF gnXCT/dJVfsYQCbGeQlU2+wCK1tt03p+4pcSyCK7cMdSd7RCjrt7H2G44UGet+lH fH3Q0FuCxfD8TuLaG5az8NpdrAB24cPPM8wghyunqDllNqb19731d6fK4+EJBmbF OOniNXf0EA3CalTN1dtRluABHZyxWidZKudUot77xJ1jqlPLDKM= =vbis -----END PGP SIGNATURE----- --zanh2tn2izgbdqkn--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20171022223133.nkcpkhtl7s7kzgs5>