Proposed F19 Feature: Package Signature Checking During Installation
Till Maas
opensource at till.name
Thu Jan 10 22:40:28 UTC 2013
On Thu, Jan 10, 2013 at 04:25:18PM -0600, Michael Cronenworth wrote:
> Problem 1: Root trust
> Currently this process is manually performed by checking a mental
> checkbox when a user downloads a Fedora image from fp.o. Having
> SecureBoot perform this process automatically is a +1, but not a
> requirement. If we cannot trust our end users then how can we trust
> ourselves.
SecureBoot does not do this automatically, as it would allow to run a
F18 install image that does no signature checking on packages. Therefore
users still need to verify the image that they are going to boot with
this feature enabled.
Regards
Till
More information about the devel
mailing list