Re: [PATCH RFC 00/12] Enroll kernel keys thru MOK

From: Mimi Zohar
Date: Thu Jul 08 2021 - 21:11:46 EST

Next message: Andrew Lunn: "Re: [PATCH net] net: phy: reconfigure PHY WOL in resume if WOL option still enabled"
Previous message: xiongxin: "[PATCH] PM / s2idle: Fix the failure of specifying "mem_sleep_default=" parameter"
In reply to: Eric Snowberg: "Re: [PATCH RFC 00/12] Enroll kernel keys thru MOK"
Next in thread: Nayna: "Re: [PATCH RFC 00/12] Enroll kernel keys thru MOK"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, 2021-07-08 at 17:17 -0600, Eric Snowberg wrote:
> > Once all the CA keys in the MOK db are loaded onto the MOK keyring,
>
> To avoid confusion with the new keyring name, would it be more appropriate
> to change what we are calling the .mok keyring to the .trusted_platform
> keyring instead? Or just leave it as .mok?

Definitely not ".trusted_platform" keyring, as it would be too
confusing with the existing "trusted" key type [1]. At least for now,
leave it as ".mok".

thanks,

Mimi

[1] Documentation/security/keys/trusted-encrypted.rst

Next message: Andrew Lunn: "Re: [PATCH net] net: phy: reconfigure PHY WOL in resume if WOL option still enabled"
Previous message: xiongxin: "[PATCH] PM / s2idle: Fix the failure of specifying "mem_sleep_default=" parameter"
In reply to: Eric Snowberg: "Re: [PATCH RFC 00/12] Enroll kernel keys thru MOK"
Next in thread: Nayna: "Re: [PATCH RFC 00/12] Enroll kernel keys thru MOK"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]