On Fri, May 12, 2023 at 08:17:21PM +0200, Thomas Gleixner wrote:
On Fri, May 12 2023 at 17:13, Matthew Garrett wrote:
quoted
On Fri, May 12, 2023 at 03:24:04PM +0200, Thomas Gleixner wrote:
quoted
On Fri, May 12 2023 at 12:28, Matthew Garrett wrote:
quoted
Unless we assert that SHA-1 events are unsupported, it seems a bit odd
to force a policy on people who have both banks enabled. People with
mixed fleets are potentially going to be dealing with SHA-1 measurements
for a while yet, and while there's obviously a security benefit in using
SHA-2 instead it'd be irritating to have to maintain two attestation
policies.
Why?
If you have a mixed fleet then it's not too much asked to provide two
data sets. On a TPM2 system you can enforce SHA-2 and only fallback to
SHA-1 on TPM 1.2 hardware. No?
No, beause having TPM2 hardware doesn't guarantee that your firmware
enables SHA-2 (which also means this is something that could change with
firmware updates, which means that refusing to support SHA-1 if the
SHA-2 banks are enabled could result in an entirely different policy
being required (and plausibly one that isn't implemented in their
existing tooling)
It's not rocket science to have both variants supported in tooling,
really.
People who are currently using tboot are only getting SHA-1, so there's
no obvious reason for them to have added support yet. *My* tooling all
supports SHA-2 so I'm completely fine here, but either we refuse to
support a bunch of hardware or we have to support SHA-1 anyway, and if
we have to support it the only reason not to implement it even in the
"SHA-2 is supported" case is because we have opinions about how other
people implement their security.