On Thu, 2021-07-08 at 17:17 -0600, Eric Snowberg wrote: > > Once all the CA keys in the MOK db are loaded onto the MOK keyring, > > To avoid confusion with the new keyring name, would it be more appropriate > to change what we are calling the .mok keyring to the .trusted_platform > keyring instead? Or just leave it as .mok? Definitely not ".trusted_platform" keyring, as it would be too confusing with the existing "trusted" key type [1]. At least for now, leave it as ".mok". thanks, Mimi [1] Documentation/security/keys/trusted-encrypted.rst
