Re: Suggestion: Use a unified kernel image by default in the future.

4 Jul 2022


      I think using credentials for the rootfs is not very useful, the user already enters the LUKS password on boot. Also, if the encryption keys are not stored locally, then they have no use, an attacker can just get them from the external storage. Many users also would not like needing an attestation service to boot either. If the encryption keys need to only be revealed on a trusted boot, then it should be stored in the tpm.

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

Re: Suggestion: Use a unified kernel image by default in the future.