Re: [RFC 1/1] ima: digital signature verification using asymmetrickeys

From: Vivek Goyal
Date: Tue Jan 29 2013 - 11:36:46 EST

Next message: Gleb Natapov: "Re: [PATCH 1/3] x86: KVM: Fix warnings by returning bool"
Previous message: Dave Kleikamp: "[PATCH V6 01/30] iov_iter: move into its own file"
In reply to: Mimi Zohar: "Re: [RFC 1/1] ima: digital signature verification using asymmetrickeys"
Next in thread: Kasatkin, Dmitry: "Re: [RFC 1/1] ima: digital signature verification using asymmetric keys"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, Jan 28, 2013 at 07:14:02PM -0500, Mimi Zohar wrote:

[..]
> The 'trusted' keyring is a solution for installing only distro or third
> party signed packages. How would a developer, for instance, create,
> sign, and install his own package and add his public key safely?

Hi Mimi,

I guess using MOK, developer should be able to import his public key in
shim database and in turn in kernel and use that to load user signed
moduels.

Thanks
Vivek
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Gleb Natapov: "Re: [PATCH 1/3] x86: KVM: Fix warnings by returning bool"
Previous message: Dave Kleikamp: "[PATCH V6 01/30] iov_iter: move into its own file"
In reply to: Mimi Zohar: "Re: [RFC 1/1] ima: digital signature verification using asymmetrickeys"
Next in thread: Kasatkin, Dmitry: "Re: [RFC 1/1] ima: digital signature verification using asymmetric keys"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]