On Wed, Dec 16, 2020 at 10:29 PM przemek klosowski via devel <devel@xxxxxxxxxxxxxxxxxxxxxxx> wrote: > > > On 12/16/20 5:38 PM, Kevin Fenzi wrote: > > On Wed, Dec 16, 2020 at 04:28:49PM -0500, przemek klosowski via devel wrote: > > I was trying to make a point that we don't have a way to check the initial > image: it could be altered to falsely claim to be signed by fedoraproject. > > well, we do: https://getfedora.org/security/ > > Right, but it's not automatic, and requires an existing known-good system, which is the actual 'root of trust' here. This cannot be assumed about a flash drive, which is why the automatic image check is hard. > > I guess it would involve a secure boot into a fedora signed shim that > > retrieves the checksum over a verified TLS network connection > checks the image against that. Pretty sure Fedora Media Writer does this if it downloads the ISO file. You can point to an already downloaded ISO file on your computer, and in that case it can't do the check. -- Chris Murphy _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
