On 11/27/2012 01:33 PM, Joe Zeff wrote:
On 11/27/2012 12:21 PM, Jared K. Smith wrote:
Yes, as I understand it the kernel key is used for module signing.
The most obvious new use for module signing is Secure Boot, so that
the kernel will only load modules signed with its key.
Is there one key for each kernel version, or is it specific to the
installation? In the latter case, how do modules get signed when the
kernel updates? (Disclaimer: I'm not trying to start an argument over
module signing, I just want to learn a little more about how it works.)
And that begs another question.
Will Fedora be signing the kernel and all it's modules?
If so, then every kernel version rpm distributed by Fedora
will have the same key for that particular version or will it
be the same key for all Fedora released kernel rpms?
--
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org
