On Mon, Nov 16, 2015 at 3:10 PM, Mimi Zohar wrote:
> On Mon, 2015-11-02 at 00:32 +0200, Petko Manolov wrote:
>> This option creates IMA MOK and blacklist keyrings. IMA MOK is an
>> intermediate keyring that sits between .system and .ima keyrings,
>> effectively forming
On Mon, 2015-11-02 at 00:32 +0200, Petko Manolov wrote:
> This option creates IMA MOK and blacklist keyrings. IMA MOK is an
> intermediate keyring that sits between .system and .ima keyrings,
> effectively forming a simple CA hierarchy. To successfully import a key
> into .ima_mok it must be
This option creates IMA MOK and blacklist keyrings. IMA MOK is an
intermediate keyring that sits between .system and .ima keyrings,
effectively forming a simple CA hierarchy. To successfully import a key
into .ima_mok it must be signed by a key which CA is in .system keyring.
On turn any key