[15016] in cryptography@c2.net mail archive
Re: example: secure computing kernel needed
daemon@ATHENA.MIT.EDU (William Arbaugh)
Mon Dec 22 20:46:38 2003
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
In-Reply-To: <bs2rr0$r1c$1@abraham.cs.berkeley.edu>
From: William Arbaugh <waa@cs.umd.edu>
Date: Mon, 22 Dec 2003 19:47:51 -0500
To: cryptography@metzdowd.com
>
I agree with everything you say, David, until here.
> As for remote attestion, it's true that it does not directly let a
> remote
> party control your computer. I never claimed that. Rather, it enables
> remote parties to exert control over your computer in a way that is
> not possible without remote attestation. The mechanism is different,
> but the end result is similar.
>
>
If that is the case, then strong authentication provides the same
degree of control over your computer. With remote attestation, the
distant end determines if they wish to communicate with you based on
the fingerprint of your configuration. With strong authentication, the
distant end determines if they wish to communicate with you based on
your identity.
I just don't see remote attestation as providing control over your
computer provided the user/owner has control over when and if remote
attestation is used. Further, I can think of several instances where
remote attestation is a good thing. For example, a privacy P2P file
sharing network. You wouldn't want to share your files with an RIAA
modified version of the program that's designed to break the anonymity
of the network.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
