[14977] in cryptography@c2.net mail archive
Re: example: secure computing kernel needed
daemon@ATHENA.MIT.EDU (William Arbaugh)
Sat Dec 20 12:22:51 2003
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
In-Reply-To: <bro03p$7bg$1@abraham.cs.berkeley.edu>
From: William Arbaugh <waa@cs.umd.edu>
Date: Thu, 18 Dec 2003 17:33:00 -0500
To: David Wagner <daw-usenet@taverner.cs.berkeley.edu>,
cryptography@metzdowd.com
On Dec 16, 2003, at 5:14 PM, David Wagner wrote:
> Jerrold Leichter wrote:
>> We've met the enemy, and he is us. *Any* secure computing kernel
>> that can do
>> the kinds of things we want out of secure computing kernels, can also
>> do the
>> kinds of things we *don't* want out of secure computing kernels.
>
> I don't understand why you say that. You can build perfectly good
> secure computing kernels that don't contain any support for remote
> attribution. It's all about who has control, isn't it?
>
>
There is no control of your system with remote attestation. Remote
attestation simply allows the distant end of a communication to
determine if your configuration is acceptable for them to communicate
with you. As such, remote attestation allows communicating parties to
determine with whom they communicate or share services. In that
respect, it is just like caller id. People should be able to either
attest remotely, or block it just like caller id. Just as the distant
end can choose to accept or not accept the connection.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
