Open oherrala opened 8 years ago
Also one thing to consider could be verified boot vs measured boot.
In verified boot, a trust anchor is available as a precondition before the start of boot. All components in the chain of trust are verified ultimately to this root of trust. If any verification check fails, the boot process stops.
In measured boot, a trust anchor may not be available, but the boot process measures the boot process (shasums or similar) of all components. Later on, this measurement can then be checked against a known good. The status of the system is unknown until the measurement has been validated.
The main difference is that measured boot does not necessarily require the root of trust / trust anchor to reside in the target/hostile environment, as the measurement could be manually validated against external reference value(s).
Comment by @arikauppi in commit a38050d2711c68e21f7d2bdc0dbe49540490b84c
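The distinction drawn in the issue above, as an added example that is not part of the original thread or the project's code. It assumes SHA-256 digests, a digest allowlist standing in for the trust anchor, and a TPM-style hash-chain "extend" for the measurement; the stage names and image bytes are constructed.

```python
import hashlib
import hmac

def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

# Constructed sample boot chains: (stage name, image bytes).
GOOD_CHAIN = [("bootloader", b"bl-v1"), ("kernel", b"kernel-v1"), ("initrd", b"initrd-v1")]
TAMPERED_CHAIN = [("bootloader", b"bl-v1"), ("kernel", b"kernel-MODIFIED"), ("initrd", b"initrd-v1")]

# Assumption: the trust anchor is modelled as a table of expected digests that
# exists on the device before boot. Real designs usually anchor a signing key.
TRUSTED_DIGESTS = {name: sha256(image) for name, image in GOOD_CHAIN}

def verified_boot(chain, trusted_digests):
    """Check each stage against the on-device anchor and stop at the first failure.
    Returns (stages that were allowed to run, boot completed)."""
    started = []
    for name, image in chain:
        if not hmac.compare_digest(sha256(image), trusted_digests[name]):
            return started, False  # boot process stops here
        started.append(name)
    return started, True

def measured_boot(chain):
    """Run every stage, recording a measurement first; nothing is enforced.
    Returns (final register value, event log of per-stage digests)."""
    register = bytes(32)  # starts at all zeroes
    log = []
    for name, image in chain:
        digest = sha256(image)
        register = sha256(register + digest)  # extend: order-sensitive hash chain
        log.append((name, digest.hex()))
    return register, log

def validate_measurement(register, reference):
    """Later check, possibly off-device, against an externally held reference."""
    return hmac.compare_digest(register, reference)

# The reference value is computed and kept outside the target environment.
EXTERNAL_REFERENCE, _ = measured_boot(GOOD_CHAIN)

if __name__ == "__main__":
    print("verified, tampered:", verified_boot(TAMPERED_CHAIN, TRUSTED_DIGESTS))
    reg, log = measured_boot(TAMPERED_CHAIN)
    print("measured, tampered: stages run =", len(log),
          "valid =", validate_measurement(reg, EXTERNAL_REFERENCE))
```

With the tampered chain, verified boot halts before the kernel runs, while measured boot runs all three stages and the mismatch only surfaces when the register is compared with the external reference.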