example: secure computing kernel needed

William Arbaugh waa at cs.umd.edu
Thu Dec 18 17:33:00 EST 2003


On Dec 16, 2003, at 5:14 PM, David Wagner wrote:

> Jerrold Leichter  wrote:
>> We've met the enemy, and he is us.  *Any* secure computing kernel 
>> that can do
>> the kinds of things we want out of secure computing kernels, can also 
>> do the
>> kinds of things we *don't* want out of secure computing kernels.
>
> I don't understand why you say that.  You can build perfectly good
> secure computing kernels that don't contain any support for remote
> attribution.  It's all about who has control, isn't it?
>
>
There is no control of your system with remote attestation. Remote 
attestation simply allows the distant end of a communication to 
determine if your configuration is acceptable for them to communicate 
with you. As such, remote attestation allows communicating parties to 
determine with whom they communicate or share services. In that 
respect, it is just like caller id. People should be able to either 
attest remotely, or block it just like caller id. Just as the distant 
end can choose to accept or not accept the connection.

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com



More information about the cryptography mailing list