New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 780315 link

Starred by 1 user
Status: Verified
Owner:
drcrash@chromium.org
Closed: Nov 2017
Cc:
dkrahn@chromium.org
apronin@chromium.org
Components:
EstimatedDays: ----
NextAction: ----
OS: ----
Pri: 3
Type: Bug



Sign in to add a comment

Remove support for alternate PCAs

Project Member Reported by drcrash@chromium.org, Oct 31 2017 
Chromium OS has some support for an alternate PCA. However, this support is:
1. Partial. There are obvious places where things would break if one wanted to use an alternate PCA.
2. Untested. No alternate PCA has been developed and tested. (See 1.)
3. Maybe most importantly, entirely unsupported for TPM 2.0 in attestationd

Trying to maintain the illusion that we could have an alternate PCA while at the same time devoting no effort to actually do so is counterproductive. Cryptohomed contains (and gains!) dead code because of this, slowing down development.

I propose (and volunteer) to remove support for the alternate PCA in Chromium OS.
Project Member

Comment 1 by bugdroid1@chromium.org, Nov 3 2017 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/d86db3179e62391655589f67fd723baf1779e906

commit d86db3179e62391655589f67fd723baf1779e906
Author: Yves Arrouye <drcrash@google.com>
Date: Fri Nov 03 06:18:22 2017

Remove alternate PCA as an option for attestation flows.

Bug:  chromium:780315 
Test: unit_tests
Change-Id: I730337d9f196720990aed89202d38a7984cf1754
Reviewed-on: https://chromium-review.googlesource.com/748823
Reviewed-by: Darren Krahn <dkrahn@chromium.org>
Commit-Queue: Yves Arrouye <drcrash@chromium.org>
Cr-Commit-Position: refs/heads/master@{#513709}
[modify] https://crrev.com/d86db3179e62391655589f67fd723baf1779e906/chromeos/attestation/attestation_constants.h
[modify] https://crrev.com/d86db3179e62391655589f67fd723baf1779e906/chromeos/attestation/attestation_flow_unittest.cc

Comment 2 by drcrash@chromium.org, Nov 10 2017

Status: Verified (was: Assigned)

Sign in to add a comment