| 16 Jul 2021 |
 andi- | I'll have to read a few more things on this... | 13:28:31 |
 @grahamc:nixos.org | me too :P | 13:34:29 |
| @grahamc:nixos.org | https://developers.tpm.dev/posts/15575774 got confirmation on my question about the private half not being sensitive | 13:40:53 |
| andi- | Interesting. What do you do with primary.ctx? Store somewhere? Destroy as you don't intend to ever change it? | 13:43:06 |
| @grahamc:nixos.org | destroy it and recreate every time | 13:43:19 |
| @grahamc:nixos.org | I believe createprimary creates an encryption key to communicate with the TPM with, and then gets the the key to sign | 13:43:56 |
| @grahamc:nixos.org | * I believe createprimary creates an encryption key to communicate with the TPM with, and then gets the TPM's key | 13:44:17 |
| @grahamc:nixos.org | the communication key is changing every time but that is fine, but the TPM's key is the same every time | 13:44:28 |
| @grahamc:nixos.org | if you run createprimary with th esam eargs a bunch of times the first half of the file is different every time and the second half is the same | 13:44:41 |
| andi- | ok, perhaps I should start with QEMU and some soft TPM to play around with this | 13:47:05 |
| andi- | less likely to screw up my SSH key that way :D | 13:47:14 |
| @grahamc:nixos.org | yes, I haven't moved my dataset's encryption to use the TPM yet either :P | 13:47:58 |
| andi- | When we used to say GPG is hard I think we really overstated it a bit in comparison | 13:48:33 |
| @grahamc:nixos.org | you know, I disagree | 13:48:45 |
| @grahamc:nixos.org | well | 13:48:54 |
| andi- | I am not defending GPG... | 13:49:05 |
| @grahamc:nixos.org | yeah | 13:49:09 |
| @grahamc:nixos.org | I'm trying to think about what my position is here :P | 13:49:20 |
| andi- | TPMs in systems like Windows or MacOS are probably something ~15 engineers at either company understand and maintain. None of the millions of users has knowledge about them to use BitLocker or FileVault. | 13:50:07 |
| @grahamc:nixos.org | yes! | 13:50:16 |
| @grahamc:nixos.org | 100% | 13:50:19 |
| andi- | With GPG everyone has some wrong assumption on how it works but it works somehow (most of the time?) | 13:50:27 |
| @grahamc:nixos.org | the complicated bad stuff of GPG that I hate is:
- people don't know how to use it safely
- it is easy to do something catastrophically bad
- the lifecycle of the keys is "I dunno whatever"
| 13:51:51 |
| andi- | Like I was asked what kind of file encryption we (day job) could use for exchanging sensitive documents with a partner... The partner proposed GPG because their enterprise security department says it is secure. Nothing else is acceptable as it hasn't been audited. Something like age wouldn't even be considered even if it is simpler and better suited for the process :/ | 13:52:06 |
| andi- | And I think with "audited" they don't mean having read the GPG code... | 13:52:38 |
| @grahamc:nixos.org | hahaha no chance | 13:52:43 |
| andi- | Hell, I'd probably propose just using openssl CLI instead of GPG... | 13:53:04 |
| @grahamc:nixos.org | oh and 4. people pretend like mere mortals could use it | 13:53:13 |
| @grahamc:nixos.org | at least with a TPM nobody is expecting regular people to actually interact with it | 13:53:33 |
| andi- | Wait until we adjust the NixOS install guid to "now do your usual TPM init dance" | 13:53:54 |
