[OLPC-devel] OLPC "bootloader"

Ivan Krstic krstic at fas.harvard.edu
Sun Jun 25 18:37:54 EDT 2006


Krishna Sankar (ksankar) wrote:
> 	Yep, if the BIOS is in place, one mechanism could be signed code
> with an OLPC cert. Would we be able to get SSL functionality in the BIOS

Given our available computational resources on the laptop, and the
complexity of SSL, SSL is more of a non-solution than anything. It's
also "solving" the wrong problem: we don't care about protecting the
confidentiality of the wireless data during a reflash; only about
asserting its integrity.

There's already hashing code in the kernel; we should see if we can
easily cherrypick the signature verification code from IPSEC.

-- 
Ivan Krstic <krstic at fas.harvard.edu> | GPG: 0x147C722D



More information about the Devel mailing list