From: Joseph Reynolds <jrey@linux.ibm.com>
To: Michael Richardson <mcr@sandelman.ca>,
Patrick Williams <patrick@stwcx.xyz>
Cc: openbmc <openbmc@lists.ozlabs.org>
Subject: Re: Security Working Group meeting - Wednesday March 16 - results - audit log handling
Date: Fri, 18 Mar 2022 17:23:43 -0500 [thread overview]
Message-ID: <3d0f9c09-e3e0-2a4a-7f48-5f09991fba8a@linux.ibm.com> (raw)
In-Reply-To: <211577.1647459931@dooku>
On 3/16/22 2:45 PM, Michael Richardson wrote:
> Joseph Reynolds <jrey@linux.ibm.com> wrote:
> > We also discussed encrypting data like logs, and storing keys in a
> > vault / trust zone / TPM.
>
> Wouldn't it make most sense to encrypt them *to* an asymmetric (public) key that is
> not on the BMC? Or one can send them over encrypted syslog, or netconf to
> another server for safe keeping.
> Or are you thinking that you need to sign the logs?
>
> If the key is stored locally, even in a TPM, and the point is to be able to
> review logs locally, then the logs need to get decrypted, and that means that
> the key needs to be enabled/opened/activated locally, and which point,
> if there was a compromised system, the bad guy wins.
>
> I guess I wonder what the goals are here.
Goals? We didn't mention any goals, and the discussion about encryption
was lighthearted and introductory.
I had not thought past storing the audit log on the BMC, and realizing
that it should be encrypted or streamed off the BMC.
I agree that using symmetric keys is not a good idea.
I'll ask my requirement providers what their needs are in this space.
- Joseph
>
> > See also encrypted volume https://github.com/openbmc/estoraged
> > <https://github.com/openbmc/estoraged>
>
> Same issue: where is the key stored?
same
next prev parent reply other threads:[~2022-03-18 22:24 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-03-16 2:45 Security Working Group meeting - Wednesday March 16 Joseph Reynolds
2022-03-16 17:51 ` Security Working Group meeting - Wednesday March 16 - results Joseph Reynolds
2022-03-16 19:45 ` Michael Richardson
2022-03-18 22:23 ` Joseph Reynolds [this message]
2022-03-16 23:21 ` Patrick Williams
2022-03-18 22:49 ` Joseph Reynolds
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=3d0f9c09-e3e0-2a4a-7f48-5f09991fba8a@linux.ibm.com \
--to=jrey@linux.ibm.com \
--cc=mcr@sandelman.ca \
--cc=openbmc@lists.ozlabs.org \
--cc=patrick@stwcx.xyz \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.