Re: [PATCH 0/2] [IMA] Measure public keys of BuiltIn Trusted Keys

On 6/7/19 10:15 AM, Lakshmi wrote:
> On 6/7/19 7:14 AM, Ken Goldman wrote:
>
>> Why is this important? What is gained by measuring the keys on the
>> built-in keyring? The IMA log already measures [a pointer to] the
>> IMA keys used for signature verification. Why does the service care
>> what keys were used to install the IMA keys?
>
> By measuring the built-in keyring, the service knows whether or not the
> key(s) in "IMA keyring" are indeed trusted or not. So while the IMA key
> validates the file signatures on the client, the built-in key validates
> the IMA key(s).
>
> By knowing what keys were used to install the IMA key(s) the service
> knows whether or not to trust the signature validation performed by IMA
> on the client.

Hi Ken\Mimi,

Please let me know if you have more questions\concerns about this approach.

If the high level design is acceptable, please review the code changes and provide feedback\comments.

Thanks,
 -lakshmi
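Added example (not code from the patch series, the kernel, or anyone in this thread): a small Python model of the attestation-side decision Lakshmi describes above. The service accepts a file-signature verification performed by IMA on the client only if the IMA key used was installed under a key that (1) appears in the client's measured built-in keyring and (2) is one the service itself trusts. The three-column log format, the keyring names as used here, and all key material are constructed for illustration; IMA's real ascii_runtime_measurements format and the patch's own measurement layout are not shown in this message and differ from this.

```python
"""Attestation-side model of the key trust chain discussed in the thread.

Added example, not code from the patch series or the kernel.  The
three-column log format below is CONSTRUCTED for illustration and is not
IMA's real ascii_runtime_measurements format; key ids are a truncated
SHA-256 of constructed public-key bytes, standing in for real key ids.
"""
import hashlib
from dataclasses import dataclass


def key_id(pubkey_bytes: bytes) -> str:
    """Constructed key identifier: first 16 hex chars of SHA-256(pubkey)."""
    return hashlib.sha256(pubkey_bytes).hexdigest()[:16]


# Constructed key material (byte strings, not real keys).
VENDOR_BUILTIN_KEY = b"constructed-vendor-builtin-pubkey"    # service trusts this one
UNKNOWN_BUILTIN_KEY = b"constructed-unknown-builtin-pubkey"  # service does not
IMA_KEY_A = b"constructed-ima-signing-key-A"                 # installed under vendor key
IMA_KEY_B = b"constructed-ima-signing-key-B"                 # installed under unknown key


@dataclass(frozen=True)
class KeyMeasurement:
    keyring: str       # which keyring the key was measured on
    key: str           # id of the measured public key
    installed_by: str  # id of the key that vouched for it; "-" for built-in keys


def parse_key_log(lines):
    """Parse the constructed 'keyring key-id installed-by' log into measurements."""
    entries = []
    for raw in lines:
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split()
        if len(fields) != 3:
            raise ValueError(f"malformed entry: {raw!r}")
        entries.append(KeyMeasurement(*fields))
    return entries


def trusted_ima_keys(entries, service_trusted_builtin):
    """Return the set of IMA key ids the service may rely on.

    An IMA key counts as trusted only if the key that installed it was
    (1) measured on the client's built-in keyring and (2) is one the
    service itself trusts.  Without a built-in keyring measurement,
    condition (1) can never hold and no IMA key is trusted.
    """
    measured_builtin = {e.key for e in entries if e.keyring == ".builtin_trusted_keys"}
    usable_roots = measured_builtin & set(service_trusted_builtin)
    return {e.key for e in entries
            if e.keyring == ".ima" and e.installed_by in usable_roots}


def accept_ima_verdict(ima_key_used, entries, service_trusted_builtin):
    """Should the service accept a file-signature verification done with this IMA key?"""
    return ima_key_used in trusted_ima_keys(entries, service_trusted_builtin)


# Constructed measurement log from one client (not IMA's real format).
CONSTRUCTED_LOG = f"""
# keyring               key-id             installed-by   (constructed format)
.builtin_trusted_keys   {key_id(VENDOR_BUILTIN_KEY)}   -
.builtin_trusted_keys   {key_id(UNKNOWN_BUILTIN_KEY)}  -
.ima                    {key_id(IMA_KEY_A)}   {key_id(VENDOR_BUILTIN_KEY)}
.ima                    {key_id(IMA_KEY_B)}   {key_id(UNKNOWN_BUILTIN_KEY)}
""".splitlines()


if __name__ == "__main__":
    entries = parse_key_log(CONSTRUCTED_LOG)
    roots = {key_id(VENDOR_BUILTIN_KEY)}
    for k in (IMA_KEY_A, IMA_KEY_B):
        verdict = "trusted" if accept_ima_verdict(key_id(k), entries, roots) else "NOT trusted"
        print(key_id(k), verdict)
```

The point of the model is the second condition: if only the ".ima" entries were measured, `measured_builtin` would be empty and the service could not tell IMA_KEY_A (installed under a key it trusts) from IMA_KEY_B (installed under a key it has never heard of), so it would have to reject both.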


