Date: Tue, 01 Aug 2023 21:01:12 +0300
Cc: "Kuppuswamy Sathyanarayanan", "Dionna Amalie Glaze", "Greg Kroah-Hartman", "Samuel Ortiz"
Subject: Re: [PATCH 1/4] keys: Introduce tsm keys
From: "Jarkko Sakkinen"
To: "Peter Gonda", "Dan Williams"
References: <169057265210.180586.7950140104251236598.stgit@dwillia2-xfh.jf.intel.com> <169057265801.180586.10867293237672839356.stgit@dwillia2-xfh.jf.intel.com>
X-Mailing-List: linux-kernel@vger.kernel.org

On Mon Jul 31, 2023 at 7:33 PM EEST, Peter Gonda wrote:
> What is the purpose of this report? What does it prove to whom? I'm a
> bit confused because it doesn't seem like there is an ability for a
> remote party to participate in a challenge and response to introduce
> any freshness into this protocol.
>
> Also shouldn't the report have a little more context into the key we
> are signing? For instance what type of public key is this? And what is
> its purpose? In your example this isn't even a valid public key.

Yeah, I agree. It is pretty hard to even evaluate whether this should be
in kernel or could be handled by the user space (perhaps with something
less intrusive added to the kernel).

A cover letter starting with not one but two three-letter acronyms that
are not common vocabulary is already a red flag for me at least.

A lot more clarity is needed on what the heck this thing is anyway.

BR, Jarkko