[nijave]

Having http as an alternative to tftp is a nice win. The range of things that can run an http server is much bigger than tftp

>Additionally, adding the TLS layer brings back the missing integrity and confidentiality guarantees and thus paves the way to move critical boot components out of the trusted network, possibly even to a remote location/Cloud.

Doesn't secure boot already provide this or am I misunderstanding something? I suppose secure boot only provides integrity but not confidentiality although I'm not sure how much confidentiality matters given we're just talking about the kernel here

[naturalmovement]

> > adding the TLS layer brings back the missing integrity

A foolish interpretation of what TLS does and I see this every day. Integrity of the bits and bytes in transit is unimportant here. Validation of the signed software after you have received it is everything. TLS integrity is at best redundant and at worst — the interpretation made here — leaves you vulnerable and with a false sense of security.

Anyone who has gone to the trouble to modify software to inject malware would certainly happily serve it to you over TLS.

[rwmj]

In theory the client could validate a specific server with a pinned certificate, although TLS implementations can make this difficult to do in practice. TLS also lets you use client certificates to authenticate the client to the server, which could be a win in some situations (although also a PITA to set up).

[naturalmovement]

I can guarantee you with nearly 100% certainty that UEFI TLS clients are bound to be buggy garbage broken in not-insignificant ways.

[nijave]

From the article, it's using OpenSSL in EDK II

In fact, a whole section of the article is dedicated to talking about how they got tripped up by OpenSSL security level 3 rejecting 2048 bit RSA key

[bigfatkitten]

The IP stack and HTTP clients are problematic enough without adding the enormous complexity of a TLS implementation on top.

[naturalmovement]

They have a hard enough time managing the relatively few certificates for secure boot.

You want me to believe all the various BIOS manufacturers are going to competently manage a WebPKI root certificate program?

[eggnet]

TLS also allows for the contents of a boot image to be hidden from others.

[naturalmovement]

Ok, but so what?

You guys are out here protecting against ghosts but at the same time making the really important stuff 10x harder and more vulnerable to bugs.

[pzmarzly]

> The range of things that can run an http server is much bigger than tftp

Don't go too crazy though, these UEFI HTTP clients are not well behaved. For example, last time I checked, EDK required the URL to end with ".efi", instead of checking Content-Type header.

[pdmccormick]

Thank you for sharing this tidbit. It looks like this may have been fixed? https://github.com/tianocore/edk2/blob/master/NetworkPkg/Htt...

I have an HTTP netboot flow that worked on older AMI Aptio firmwares, but fails on anything newer to even fetch the bootfile after a successful DHCP cycle, so I heartily agree with your sentiment that these are not necessarily well adjusted clients!

[LooseMarmoset]

Secure boot is designed to verify software signatures. The UEFI bios might support loading software over https, but it isn't part of secure boot. Secure boot would verify any kernels/etc loaded from https.

[RulerOf]

That was the point as I read it. Payload signature verification is a good and sometimes desirable alternative to transport encryption when the payload itself isn't secret.

Highly-cacheable resources like game and OS updates are often intentionally delivered over http as signed payloads to facilitate middlebox caching.

[naturalmovement]

> Secure boot is designed to verify software signatures

aka integrity.

HTTPS is a useless gesture here, adding complexity to critical software that needs to be as simple and auditable as possible. Confidentiality is essentially unimportant to anyone but the most autistic of by-the-book nerds. It buys you nothing in a practical sense. Most netbooting happens over closed networks anyway.

[robertlagrant]

I agree that integrity can be done by secure boot, but HTTPS does mean that someone can't intercept your request and serve you valid, signed, older software that has a known security flaw in it.

[nijave]

An LLM pointed this out to me as well which I think is a fair point.

However, in practice it doesn't matter for any machine that has persistence since it only needs to netboot once to transfer an image to local storage. Besides that, you can also invert and bootstrap with BMC or even a flash drive and skip the whole network anyway.

Finally, you can reduce risk if you only bootstrap a minimal executable which itself has a robust bootstrapping mechanism. In the post, they're jumping to iPXE from UEFI so the concern would be loading an old iPXE version.

[rwmj]

NBD (over TLS) would be even better because it loads on demand. You could ship large full-featured OS images and only the parts/features you used would be loaded. One day when I'm retired I plan to add this to OVMF.