-
Welcome
-
Subscribe to
Shipping known-good PCR values
Session information has not yet been published for this event.
One Line Summary
How can we make it easier to seal secrets to TPMs?
Abstract
One of the strengths of TPMs is the ability to seal secrets and keys such that they can’t be used unless the system booted in an appropriate configuration. But without knowing these values in advance, how can we configure systems appropriately? This session will briefly cover the difficulties involved, suggest a couple of solutions and offer an opportunity to discuss how practical they are for integration into distributions.
Speaker
-
Matthew Garrett
CoreOS- Blog: http://mjg59.dreamwidth.org/
- Twitter: mjg59
Biography
Matthew Garrett is a security developer at CoreOS, developing technologies to improve the security of containers and the systems that run them. He has a background in firmware integration, power management and fruitfly genetics and so has atypical ideas about system complexity and the ease of reverse engineering. A board member at the Free Software Foundation and a a member of the Linux Foundation Technical Advisory Board, he has strong feelings on high-quality Free Software.