Re: [Etherboot-developers] Securing bootup
Brought to you by:
marty_connor,
stefanhajnoczi
Menu
▾
▴
Re: [Etherboot-developers] Securing bootup
|
From: <ebi...@ln...> - 2003-03-28 02:31:00
|
"Jason A. Pattie" <pat...@pc...> writes: > Ken Yap wrote: > >>Does Etherboot initialize USB and read this key? > > > > > > No, that would be another project on the wishlist. :-) > > > > > >>Perfect! IPSec implements key exchanges on UDP port 500. > > > > > > Don't you need TCP for data transfers? > > Hmm. I think so. However, the encrypted tunnel would be using packets > on protocols 50 and 51 (ESP/AH), which then get converted to TCP or UDP > packets inside the kernel. As I understand encryption most encryption techniques fail to be effective about disguising a message if you send the same message over and over again. With network booting this is the case. Loading an image that was authenticated at some point in time is a reasonable problem. Beyond that the code is complicated and it really does not help. Eric |
