From: Oliver Pinter
To: Lev Serebryakov
Cc: mahdieh salamat, Eric McCorkle, freebsd-security@freebsd.org
Date: Tue, 15 May 2012 00:09:16 +0200
Subject: Re: HSM in Freebsd
In-Reply-To: <1675571873.20120514120321@serebryakov.spb.ru>

On 5/14/12, Lev Serebryakov wrote:
> Hello, Oliver.
> You wrote May 14, 2012, 5:08:00:
>
> OP> http://www.trustedcomputinggroup.org/resources/bsssd_trusted_computing_now_available_for_freebsd_and_openbsd
> Wow! Do we need this in the base system? Especially the TPM driver?
> According to my experience (both as user and as driver author), it is
> a pain in the ass to have 3rd party modules/drivers in the system.

Hi Lev!

I would like to see this and the dependent parts of TPM in the base system. I do not yet have a TPM chip to test it, but I plan to purchase one in the near future.

Some parts of bsssd are already in ports:

/usr/ports/emulators/tpm-emulator
/usr/ports/security/openssl_tpm_engine
/usr/ports/security/tpm-tools
/usr/ports/security/tpmmanager
/usr/ports/security/opencryptoki
/usr/ports/security/trousers

I think in the future the loader should be extended to support TPM, and it probably depends on EFI things.

>
> --
> // Black Lion AKA Lev Serebryakov
>