| 1 Mar 2023 |
raitobezarius | 2.6.1, 2.6.2, 2.6.3 | 13:18:10 |
raitobezarius | It's indeed the "reference code" provided in the specification | 13:18:27 |
@grahamc:nixos.org | ah, ok, cool, so the code is in the spec, but as a reference and not actually the rules of how a tpm must operate | 13:18:53 |
raitobezarius | Yeah, it's not a protocol-level vuln I suppose | 13:19:03 |
@grahamc:nixos.org | whew | 13:19:28 |
raitobezarius | cc baloo if you can bump libtpms in nixpkgs | 13:34:23 |
baloo | Yeah the spec also provides a sample implementation. I know libtpms just imports that.
I don’t know if the spec mandates that you use this implementation | 15:24:11 |
baloo | What I can tell you is that it is sometimes easier to go look at the code to make sense of the spec (especially around credentials) | 15:24:48 |
baloo | Yeah I’ll bump the libtpms | 15:26:28 |
baloo | https://github.com/NixOS/nixpkgs/pull/219016 | 16:34:32 |
baloo | now the fun begins: sending that to vendors of TPMs and see if they are affected :D | 16:54:40 |
baloo | got beat to it, but I don't think I can share the response from vendor.
But I can say our product is not affected? | 17:06:43 |
baloo | make of that what you will | 17:06:51 |
Julian Stecklina (Old) | baloo: where are you actually working at? :) (If you want to share) | 17:15:42 |
baloo | arista networks | 17:15:56 |
baloo | the NDR division deploys nixos in production | 17:16:58 |
Julian Stecklina (Old) | Ah, nice | 17:17:07 |
| 28 Apr 2023 |
raitobezarius | ElvishJerricco: so you have TPM2 unlock with systemd-measure for PCRs? | 13:06:47 |
ElvishJerricco | raitobezarius: Yea, using https://github.com/DeterminateSystems/bootspec-secureboot/pull/240 | 13:10:49 |
raitobezarius | alright I might port this to lanzaboote | 13:17:10 |