Re: [RFC][PATCH 08/12] KEYS: PGP-based public key signature verification

From: David Howells
Date: Mon Nov 12 2018 - 07:43:59 EST

Next message: Szabolcs Nagy: "Re: Official Linux system wrapper library?"
Previous message: Naga Sureshkumar Relli: "RE: [LINUX PATCH v12 3/3] mtd: rawnand: arasan: Add support for Arasan NAND Flash Controller"
In reply to: David Howells: "Re: [RFC][PATCH 05/12] PGPLIB: Signature parser"
Next in thread: Roberto Sassu: "Re: [RFC][PATCH 08/12] KEYS: PGP-based public key signature verification"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Roberto Sassu <roberto.sassu@xxxxxxxxxx> wrote:

> - switch from session to user keyring (Roberto Sassu)
> - search user keyring only if no keyring was provided, so that the
> trustworthiness of the signature depends on the type of keyring
> containing the key used for signature verification (Roberto Sassu)

Er. No. You should search the session keyring. This may contain a link to
the user keyring (pam_keyinit emplaces one).

You need to consider what it is that the patch trying to achieve.

David

Next message: Szabolcs Nagy: "Re: Official Linux system wrapper library?"
Previous message: Naga Sureshkumar Relli: "RE: [LINUX PATCH v12 3/3] mtd: rawnand: arasan: Add support for Arasan NAND Flash Controller"
In reply to: David Howells: "Re: [RFC][PATCH 05/12] PGPLIB: Signature parser"
Next in thread: Roberto Sassu: "Re: [RFC][PATCH 08/12] KEYS: PGP-based public key signature verification"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]