Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S261837AbVEWEad (ORCPT ); Mon, 23 May 2005 00:30:33 -0400 Received: (majordomo@vger.kernel.org) by vger.kernel.org id S261842AbVEWEad (ORCPT ); Mon, 23 May 2005 00:30:33 -0400 Received: from mx1.redhat.com ([66.187.233.31]:44768 "EHLO mx1.redhat.com") by vger.kernel.org with ESMTP id S261837AbVEWEa2 (ORCPT ); Mon, 23 May 2005 00:30:28 -0400 Date: Mon, 23 May 2005 00:30:15 -0400 (EDT) From: James Morris X-X-Sender: jmorris@thoron.boston.redhat.com To: Reiner Sailer cc: Pavel Machek , , , , , Subject: Re: [PATCH 2 of 4] ima: related Makefile compile order change and Readme In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 735 Lines: 24 On Sun, 22 May 2005, Reiner Sailer wrote: > IMA implements the measurment hooks and maintains the measurement list > and its integrity value in the TPM PCR. Services retrieving and evaluating > measurement lists can be based on top of IMA. Perhaps I don't understand things fully, but what is the purpose of providing measurement values locally via proc? How can they be trusted without the TPM signing an externally generated nonce? - James -- James Morris - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/