example: secure computing kernel needed
William Arbaugh
waa at cs.umd.edu
Thu Dec 18 17:33:00 EST 2003
On Dec 16, 2003, at 5:14 PM, David Wagner wrote:
> Jerrold Leichter wrote:
>> We've met the enemy, and he is us. *Any* secure computing kernel
>> that can do
>> the kinds of things we want out of secure computing kernels, can also
>> do the
>> kinds of things we *don't* want out of secure computing kernels.
>
> I don't understand why you say that. You can build perfectly good
> secure computing kernels that don't contain any support for remote
> attribution. It's all about who has control, isn't it?
>
>
There is no control of your system with remote attestation. Remote
attestation simply allows the distant end of a communication to
determine if your configuration is acceptable for them to communicate
with you. As such, remote attestation allows communicating parties to
determine with whom they communicate or share services. In that
respect, it is just like caller id. People should be able to either
attest remotely, or block it just like caller id. Just as the distant
end can choose to accept or not accept the connection.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list