===== Derek Pryor, gPXE Secure Network Booting =====

== Some useful links ==

  * [[derekpryor-proposal|My Project Proposal]]

----

== Basic Idea ==

I am working on adding security into gPXE. There are several different ways to do this. At the moment I am working on adding the ability to use SSL with different connection methods (TCP/UDP/etc.) to create a secure connection over which you can download the needed files. I will be using MatrixSSL as the basis for my SSL library.

== Design ==

To make sure that this SSL implementation is as connection-independent as it can be, I will be making several functions that will construct the SSL messages in a supplied buffer. Then it will be up to the programmer to send the buffer through the connection in use. There will also be functions to encode and decode data that is being sent over the connection. Since these functions will use minimal internal memory and the programmer provides the buffers, the footprint for the library will be minimal.

== Timeline (Till Aug 21) ==

  * //Saturday June 24// - Finish mapping MatrixSSL design. Have communication flow layout. Finish setting up a testing setup, including a framework for testing code.
  * //Wednesday July 5// - Finish SSL key handling code.
  * //Saturday July 15// - Finish SSL handshake code.
  * //Wednesday July 26// - Finish SSL encode / decode code.
  * //Saturday August 5// - Finish SSL teardown code.
  * //Wednesday August 16// - Debug, Clean up code, etc.
  * //Monday August 21// - Buffer.

== Timeline (Till end of SOC06) ==

  * Integrate SSL Library into gPXE code base.
  * Create HTTPS (or similar) protocol that uses the SSL Library to create a secure network connection.
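
The Design section describes functions that build SSL messages in a caller-supplied buffer and leave sending to the caller. The sketch below is an added example of that pattern, not code from gPXE or MatrixSSL: it builds and parses the 5-byte record header of an unencrypted record, and the names ''rec_build'', ''rec_parse'' and the ''REC_*'' constants are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical names for illustration; not the MatrixSSL or gPXE API. */
#define REC_HDR_LEN      5      /* type(1) + version(2) + length(2) */
#define REC_MAX_FRAGMENT 16384  /* 2^14: plaintext fragment limit */
#define REC_HANDSHAKE    22     /* record content type: handshake */
enum { REC_ERR_ARG = -1, REC_ERR_SPACE = -2, REC_ERR_SHORT = -3, REC_ERR_FORMAT = -4 };

/* Build one plaintext record in the caller's buffer. Nothing is written
 * unless the whole record fits. Returns bytes to send, or a negative error. */
long rec_build(uint8_t *out, size_t cap, uint8_t type, uint16_t version,
               const uint8_t *payload, size_t len)
{
    if (!out || (!payload && len) || len > REC_MAX_FRAGMENT)
        return REC_ERR_ARG;
    if (cap < REC_HDR_LEN || cap - REC_HDR_LEN < len)
        return REC_ERR_SPACE;
    out[0] = type;
    out[1] = (uint8_t)(version >> 8);
    out[2] = (uint8_t)(version & 0xff);
    out[3] = (uint8_t)(len >> 8);
    out[4] = (uint8_t)(len & 0xff);
    if (len)
        memcpy(out + REC_HDR_LEN, payload, len);
    return (long)(REC_HDR_LEN + len);
}

/* Parse one record from bytes the caller read off its own transport.
 * REC_ERR_SHORT means "read more and call again". Returns bytes consumed. */
long rec_parse(const uint8_t *in, size_t in_len, uint8_t *type,
               uint16_t *version, const uint8_t **payload, size_t *len)
{
    if (!in || !type || !version || !payload || !len)
        return REC_ERR_ARG;
    if (in_len < REC_HDR_LEN)
        return REC_ERR_SHORT;
    size_t n = ((size_t)in[3] << 8) | in[4];
    if (n > REC_MAX_FRAGMENT)       /* reject before trusting the length */
        return REC_ERR_FORMAT;
    if (in_len - REC_HDR_LEN < n)
        return REC_ERR_SHORT;
    *type = in[0];
    *version = (uint16_t)((in[1] << 8) | in[2]);
    *payload = in + REC_HDR_LEN;    /* points into caller's buffer, no copy */
    *len = n;
    return (long)(REC_HDR_LEN + n);
}
```

Because neither function touches a socket or allocates memory, the same calls work over TCP, UDP or any other transport the caller chooses.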