Re: F36 Change: DIGLIM (System-Wide Change proposal)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, Jan 19, 2022 at 11:34:28AM +0000, Roberto Sassu via devel wrote:
> > From: Roberto Sassu
> > Sent: Tuesday, January 18, 2022 3:36 PM
> > Hi everyone
> > 
> > I recently sent to the kernel mailing lists a patch set to support
> > PGP keys and signatures.
> > 
> > Other than allowing the appraisal of RPM headers without
> > changes to the building infrastructure, it would also simplify
> > key management for the use cases requiring file or fsverity
> > signatures (no need for a secondary key).
> > 
> > This is the link of the patch set:
> > 
> > https://lore.kernel.org/linux-integrity/20220111180318.591029-1-
> > roberto.sassu@xxxxxxxxxx/
> > 
> > One point of the discussion was if there is the need to support
> > PGP in the kernel, or if a distribution should adapt its key
> > management to be compatible with key types currently available
> > in the kernel.
> 
> I have a question related to this. Is the private key used to sign
> kernel modules available also when other packages are built?

Nope. My understanding is that this is only available during that kernel
build and then disguarded. (But you could perhaps ask on fedora's kernel
list about it for more info). 

kevin

Attachment: signature.asc
Description: PGP signature

_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Users]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]

  Powered by Linux