Re: [PATCH v6 4/6] KEYS: validate certificate trust only with selected owner key

From: Mimi Zohar
Date: Fri Jun 27 2014 - 13:44:54 EST


On Fri, 2014-06-27 at 14:55 +0100, David Howells wrote:
> Mimi Zohar <zohar@xxxxxxxxxxxxxxxxxx> wrote:
>
> > This patch defines a new kernel parameter 'keys_ownerid' to identify
> > the owner's key which must be used for trust validation of certificates.
>
> "ca_keys" or "only_ca" instead, maybe?

Neither of these names reflect the concept of the machine owner or a
local key. The initial patches named it 'owner_keyid'. If kernel
parameters don't need to be prefixed with the subsystem, we could revert
the name change or call it localca_keyid.

Mimi

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/