Linux Security Summit North America 2019

TPM remote attestation allows a machine to provide proof about what happened during its boot process, in turn allowing appropriate policy and trust decisions to be made by remote services. But the flexibility of any such decision is determined by the richness of the available information that is logged and can be reported, and right now in Linux there's very little available information.

This presentation will give a brief overview of remote attestation and the state of available tooling under Linux, along with the various components that generate events that can be used for policy decisions. It will compare Linux to Windows, and identify the areas where Linux is currently deficient. Finally, it will propose some potential solutions for improving the state of the ecosystem and move on to a discussion around whether there are better alternatives.