chromium-os
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revisionNext revisionBoth sides next revision | ||
chromium-os [2010/12/06 23:02] – cedric | chromium-os [2010/12/06 23:49] – cedric | ||
---|---|---|---|
Line 1: | Line 1: | ||
====== Login ====== | ====== Login ====== | ||
- | * people can fully use Chromium OS without needing a Google login; | + | * people can fully use Chromium OS without needing a Google login (fine); |
- | * plan to give SSO experience at OpenID relying parties ; | + | * plan to give SSO experience at OpenID relying parties; |
+ | * user name will be hashed HASH(salt||user@domain.com). Web-based user name may contain characters that are not safe for use on the file system (nice side effect for the security). | ||
====== Security ====== | ====== Security ====== | ||
- | * cgroups; | + | * cgroups |
* cached data http:// | * cached data http:// | ||
* Suspending to RAM works already quite well with dm-crypt: | * Suspending to RAM works already quite well with dm-crypt: | ||
- | * according to Google no solutions against sophisticated attacks like Cold Boot Attacks on Encryption Keys http:// | + | * according to Google no concrete |
+ | * verified boot crypto specification: | ||
+ | * developer builds do not use a verified boot; | ||
+ | * the TPM is used as secure non-volatile storage for preventing key rollback attacks (not for the encryption); | ||
+ | * Google plan is to use a 8192-bit RSA key with SHA-512 for the root key signatures (NIST recommends the use of RSA 2048/ | ||
+ | * signin keys will change offently (Google plan to use 1024-bit RSA keys which provides a good speed/ | ||
====== Applications ====== | ====== Applications ====== | ||
* Google Chromium OS applications for maximum security; | * Google Chromium OS applications for maximum security; | ||
- | * all HTML5 applications | + | |
+ | | ||
chromium-os.txt · Last modified: 2010/12/14 22:37 by cedric