Perhaps we should find time to hack at DebConf
-T
On Tue, Aug 19, 2014 at 5:16 PM, Steve McIntyre st...@einval.com wrote:
On Tue, Aug 19, 2014 at 01:38:44PM -0700, Ben Hutchings wrote:
So far as I know, no progress has been made on the above steps or any
alternate approach.
Ditto, I've not
On Thu, 2014-08-14 at 23:38 +0200, Cyril Brulebois wrote:
[...]
1. Colin Watson will prepare dak changes to support upload and
subsequent signing of EFI executables. (This is an embedded, not
detached, signature.)
2. Steve Langasek will prepare and upload a package of the 'shim' EFI
On Tue, Aug 19, 2014 at 01:38:44PM -0700, Ben Hutchings wrote:
So far as I know, no progress has been made on the above steps or any
alternate approach.
Ditto, I've not seen (or done) anything about this.
--
Steve McIntyre, Cambridge, UK.st...@einval.com
Hi Ben,
Ben Hutchings b...@decadent.org.uk (2013-08-13):
Colin Watson and Stefano Rivera talked about how Ubuntu had implemented
Secure Boot and what they believed were the requirements.
Apparently, the Secure Boot spec requires each stage of the boot code
to validate signatures only until
On Wed, Aug 14, 2013 at 12:30:55AM +0200, Ben Hutchings wrote:
Editing of binary packages is icky, so that's not part of the plan.
Instead, after dak signs an executable, the package maintainer downloads
and copies those into a separate 'source' package, which has a trivial
debian/rules. (And
On Wed, 2013-08-14 at 11:10 +0200, Karsten Merker wrote:
[...]
Hello,
how is booting a self-built kernel handled in this case? I am
rather new to this topic as I currently do not own any
secure-boot capable hardware, so maybe I am misunderstanding
something.
If I understand things right,
Colin Watson and Stefano Rivera talked about how Ubuntu had implemented
Secure Boot and what they believed were the requirements.
Apparently, the Secure Boot spec requires each stage of the boot code to
validate signatures only until ExitBootServices() is called. (At this
point the firmware
On Tue, 2013-08-13 at 22:54 +0200, Ben Hutchings wrote:
Colin Watson and Stefano Rivera talked about how Ubuntu had implemented
Secure Boot and what they believed were the requirements.
[...]
Sorry, I'm having name confusion here. Who do I really mean?
Ben.
--
Ben Hutchings
Experience is
Hi,
many thanks for the summary.
Ben Hutchings b...@decadent.org.uk (2013-08-13):
Colin Watson and Stefano Rivera talked about how Ubuntu had implemented
Secure Boot and what they believed were the requirements.
Apparently, the Secure Boot spec requires each stage of the boot code to
Cyril Brulebois wrote:
(Sorry, I'm new to all this) do you mean (1) the regular linux image
packages are getting a signature added, and we're using those like we do
today, or (2) that we'll have additional linux image packages with the
signatures to be used instead of the usual linux image
On Tue, 2013-08-13 at 23:38 +0200, Cyril Brulebois wrote:
[...]
4. The kernel team may also need to upload kernel images for signing and
add linux-image-signed packages with the Debian-signed kernel images.
This is because some quirks in the kernel should be run before calling
11 matches
Mail list logo
