Is this something we (as consumers of FreeBSD) need to be aware
ml at my.gd
Wed Jun 6 18:40:31 UTC 2012
On 6/6/12 6:45 PM, Daniel Feenberg wrote:
> On Wed, 6 Jun 2012, Julian H. Stacey wrote:
>>> I do wonder about that. What incentive does the possessor of a signing
>>> have to keep it secret?
>> Contract penalty clause maybe ? Lawyers ?
> A limited-liability company with no assets is judgement-proof.
>> Otherwise one of us would purchase a key for $99, & then publish
>> the key so we could all forever more compile & boot our own kernels.
>> But that would presumably break the trap Microsoft & Verisign seek
>> to impose.
> Could it really be that simple? As for hardware vendors putting revoked
> keys in the ROM - are they really THAT cooperative? Seems like they
> would drag their feet on ROM updates if they had to add a lot of stuff
> that won't help them, so that doesn't seem like a great enforcement tool.
> dan feenberg
Please realize that once the key is divulged, it gets revoked at the
BIOS' next update.
Otherwise the key's purpose is rendered moot.