Date: Wed, 06 Jun 2012 20:40:26 +0200
From: Damien Fleuriot <ml@my.gd>
To: freebsd-questions@freebsd.org
Subject: Re: Is this something we (as consumers of FreeBSD) need to be aware of?
Message-ID: <4FCFA41A.4010506@my.gd>
In-Reply-To: <Pine.GSO.4.64.1206061241470.15673@nber6>
References: <201206061630.q56GUJj7093472@fire.js.berklix.net> <Pine.GSO.4.64.1206061241470.15673@nber6>

On 6/6/12 6:45 PM, Daniel Feenberg wrote:
>
>
> On Wed, 6 Jun 2012, Julian H. Stacey wrote:
>
>>> I do wonder about that. What incentive does the possessor of a signing
>>> key have to keep it secret?
>>
>> Contract penalty clause maybe ? Lawyers ?
>
> A limited-liability company with no assets is judgement-proof.
>
>>
>> Otherwise one of us would purchase a key for $99, & then publish
>> the key so we could all forever more compile & boot our own kernels.
>> But that would presumably break the trap Microsoft & Verisign seek
>> to impose.
>>
>
> Could it really be that simple? As for hardware vendors putting revoked
> keys in the ROM - are they really THAT cooperative? Seems like they
> would drag their feet on ROM updates if they had to add a lot of stuff
> that won't help them, so that doesn't seem like a great enforcement tool.
>
> dan feenberg

Oh god...

Please realize that once the key is divulged, it gets revoked at the BIOS' next update.
Otherwise the key's purpose is rendered moot.