On Thu, 2013-01-17 at 18:03 +, David Howells wrote:
> I would also like to have a look at altering your trusted key type[*] to be a
> subtype of asymmetric keys so that the asymmetric key type can cover keys from
> more sources:
>
> - Compiled-in keys.
> - Keys from UEFI db.
>
Mimi Zohar wrote:
> David, are you ok with how support for asymmetric keys is being added to
> EVM/IMA-appraisal for verifying signatures? Any comments?
I would also like to have a look at altering your trusted key type[*] to be a
subtype of asymmetric keys so that the asymmetric key type can c
On Tue, 2013-01-15 at 12:34 +0200, Dmitry Kasatkin wrote:
> Asymmetric keys were introduced in linux-3.7 to verify the signature on signed
> kernel modules. The asymmetric keys infrastructure abstracts the signature
> verification from the crypto details. This patch adds IMA/EVM signature
> verif
Asymmetric keys were introduced in linux-3.7 to verify the signature on signed
kernel modules. The asymmetric keys infrastructure abstracts the signature
verification from the crypto details. This patch adds IMA/EVM signature
verification using asymmetric keys. Support for additional signature
v
