On Fri, 2012-07-06 at 16:44 +0100, M A Young wrote:
Another good article I stumbled upon about what Fedora plans is at
http://mjg59.dreamwidth.org/12368.html
Yep, I found and (re)read it too. Here are the excerpts that looked
more interesting to me:
"Instead we're writing a very simple bootloader[2]. This will do nothing
other than load a real bootloader (grub 2), validate that it's signed
with a Fedora signing key and then execute it. Using the Fedora signing
key there means that we can build grub updates in our existing build
infrastructure and sign them ourselves."
"So, we'll be moving to requiring signed kernel modules and locking down
certain aspects of kernel functionality."
"We'll be providing all the tools we use for signing our binaries, but
for obvious reasons we can't hand out our keys."
So, I might well be wrong, but that's how I understood the thing:
- what we need is the xen binaries shipped with the xen rpms to be
signed with the Fedora keys, just as grub2 and the linux binaries
will be, is that true?
- I'm not sure we can't do that by ourselves, does that "we will
release tools but not keys" also exclude, say, the xen packages
maintainer from signing stuff?
If we "just" need to sign the binary and a package maintainer and/or the
"existing build infrastructure" can sign stuff, I tend to think we
should be pretty safe...
Thoughts?
Regards,
Dario
--
<<This happens because I choose it to happen!>> (Raistlin Majere)
-----------------------------------------------------------------
Dario Faggioli, Ph.D,
http://retis.sssup.it/people/faggioli
Senior Software Engineer, Citrix Systems R&D Ltd., Cambridge (UK)
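The check the quoted article describes, modelled as an added example (it is not code from the thread, from Fedora or from the Xen project): a first-stage loader that embeds exactly one trusted public key and hands over to the next stage only if that stage's signature verifies under it. It assumes `openssl` is installed; the "Fedora" and "maintainer" key pairs and the "binaries" are constructed stand-ins generated in a scratch directory, not real keys or images. The third case goes slightly beyond the text and also shows that a correctly signed image that is modified afterwards is refused.

```shell
#!/bin/sh
# Toy model of the first-stage loader check described in the thread.
# Assumption: openssl is available. All keys and "binaries" below are
# constructed for the demonstration; none of them are Fedora's or Xen's.
set -eu

WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT

# Constructed key pairs: one standing in for the distribution signing
# key that the loader trusts, one for a package maintainer's own key.
openssl genrsa -out "$WORK/fedora.key" 2048 2>/dev/null
openssl rsa -in "$WORK/fedora.key" -pubout -out "$WORK/fedora.pub" 2>/dev/null
openssl genrsa -out "$WORK/maintainer.key" 2048 2>/dev/null

# sign_binary <privkey> <file> <sigfile>: what the build infrastructure
# does when it signs a bootloader or hypervisor image.
sign_binary() {
    openssl dgst -sha256 -sign "$1" -out "$3" "$2"
}

# verdict <file> <sigfile>: what the first-stage loader does before
# executing the next stage. It knows only the embedded trusted public
# key; prints "load" if the signature verifies under it, else "refuse".
verdict() {
    if openssl dgst -sha256 -verify "$WORK/fedora.pub" \
            -signature "$2" "$1" >/dev/null 2>&1; then
        echo load
    else
        echo refuse
    fi
}

# Constructed images: arbitrary bytes standing in for grub2 and xen.
printf 'grub2 image v1' > "$WORK/grub2.efi"
printf 'xen hypervisor image' > "$WORK/xen.efi"

# Case 1: next stage signed with the trusted key -> loader proceeds.
sign_binary "$WORK/fedora.key" "$WORK/grub2.efi" "$WORK/grub2.sig"

# Case 2: image signed with the maintainer's own key. The signature is
# valid for that key, but the loader does not trust that key -> refused.
sign_binary "$WORK/maintainer.key" "$WORK/xen.efi" "$WORK/xen.sig"

# Case 3: a trusted-key-signed image modified after signing -> refused.
cp "$WORK/grub2.efi" "$WORK/tampered.efi"
printf 'X' >> "$WORK/tampered.efi"

echo "grub2 signed with trusted key:      $(verdict "$WORK/grub2.efi" "$WORK/grub2.sig")"
echo "xen signed with maintainer key:     $(verdict "$WORK/xen.efi" "$WORK/xen.sig")"
echo "tampered grub2, original signature: $(verdict "$WORK/tampered.efi" "$WORK/grub2.sig")"
```

The second case is the one behind the question above: a maintainer who has the signing tools but not the distribution key can produce a perfectly well-formed signature, and the loader will still refuse the image, because what it checks is not "is this signed" but "is this signed by the key I was built to trust".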