Re: Bug#766395: emacs/gnus: Uses s

emacs-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Bug#766395: emacs/gnus: Uses s_client to for SSL.

From:	Florian Weimer
Subject:	Re: Bug#766395: emacs/gnus: Uses s_client to for SSL.
Date:	Tue, 28 Oct 2014 16:33:36 +0100

* Perry E. Metzger:

> The trick is to make sure it isn't used as an instrument to prevent
> ordinary people from booting software of their choice, but rather is
> used as an instrument to assure that when they boot the software of
> their choice, they're actually getting that and not malware.

None of the existing boot verification technologies provides this.
It's also difficult to reconcile this with full user autonomy—if the
user can load previously untrusted key material (and especially if
this is an expected step during installation of a free operating
system), the firmware can no longer warn about malicious keys and
malicious software (because the user has replaced the trust root).

[Prev in Thread]

Current Thread

[Next in Thread]

Re: Bug#766395: emacs/gnus: Uses s_client to for SSL., (continued)

Prev by Date: Re: Bug#766395: emacs/gnus: Uses s_client to for SSL.
Next by Date: Re: git transition issues
Previous by thread: Re: Bug#766395: emacs/gnus: Uses s_client to for SSL.
Next by thread: Re: Bug#766395: emacs/gnus: Uses s_client to for SSL.
Index(es):
- Date
- Thread