Closed Rydekull closed 3 years ago
openshift-bot
commented
4 years ago Issues go stale after 90d of inactivity.
Mark the issue as fresh by commenting /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.
Exclude this issue from closing by commenting /lifecycle frozen.
If this issue is safe to close now please do so with /close.
/lifecycle stale
openshift-bot
commented
3 years ago Stale issues rot after 30d of inactivity.
Mark the issue as fresh by commenting /remove-lifecycle rotten.
Rotten issues close after an additional 30d of inactivity.
Exclude this issue from closing by commenting /lifecycle frozen.
If this issue is safe to close now please do so with /close.
/lifecycle rotten /remove-lifecycle stale
openshift-bot
commented
3 years ago Rotten issues close after 30d of inactivity.
Reopen the issue by commenting /reopen.
Mark the issue as fresh by commenting /remove-lifecycle rotten.
Exclude this issue from closing again by commenting /lifecycle frozen.
/close
openshift-ci-robot
commented
3 years ago @openshift-bot: Closing this issue.
Which section(s) is the issue in?
Boot disk encryption (TPM and Tang)
What needs fixing?
In general, the instructions need to be a bit more clear about the prerequisites for each section.
The TPM section's prereqs around TPM needs to be much more clearly defined. I am not saying we should spell out how to configure TPM for every platform, but guide users to some examples and references on what's required for example in a bare-metal environment, a virtual environment or a cloud environment.
For tang, there's much more prereqs required. And there needs to be an explanation on the different components required and how they actually works in relation with OpenShift.
How is this setup really secure? A diagram an explanation of the thumbprint and key exchange would be great.