keying boot
Randy Bush
randy at psg.com
Sat Jun 9 14:16:43 UTC 2012
> I did say "effectively". If people would actually read that chapter
> in the spec (minimally 27.5) they would find that they can:
> - Load a new PK without asking if in default SetupMode
> - If not in SetupMode, chainload a new PK provided it is
> signed by the current PK.
> - Clear the PK in a 'secure platform specific method'.
>
> There's nothing that says PK SetupMode has to be a jumper.
beware. what it is today may not be what it will be tomorrow. these
are the folk who believe in Trusted Computing.
http://en.wikipedia.org/wiki/Trusted_Computing
randy
More information about the freebsd-hardware
mailing list