Ticket #1001 (new enhancement)
Use Intel TXT for remote validation of clusters
Reported by: | geofft | Owned by: | |
---|---|---|---|
Priority: | low | Milestone: | The Distant Future |
Component: | -- | Keywords: | |
Cc: | Fixed in version: | ||
Upstream bug: |
Description
The Dell 790s (at least) have Intel processors that support TXT, which can use some combination of the TPM and virtualization / IOMMU support to do remote attestation. That way we can verify that the bootloader, the kernel, the public workstation verification script, and anything it depends on have not been tampered with, and thereby trust the results of the verification script.
Note: See
TracTickets for help on using
tickets.
Intel recently announced a thing called OpenAttestation, which might make this more tractable.