Mimi Zohar <[email protected]> wrote: > From an IMA perspective, either a file hash or signature are valid, > but for this usage it must be a signature.
Not necessarily. If IMA can guarantee that a module is the same based on its hash rather than on a key, I would've thought that should be fine. David -- To unsubscribe from this list: send the line "unsubscribe linux-efi" in the body of a message to [email protected] More majordomo info at http://vger.kernel.org/majordomo-info.html
