On Mon, 2014-06-30 at 16:47 +0300, Dmitry Kasatkin wrote: > On 27/06/14 20:44, Mimi Zohar wrote: > > On Fri, 2014-06-27 at 14:55 +0100, David Howells wrote: > >> Mimi Zohar <zo...@linux.vnet.ibm.com> wrote: > >> > >>> This patch defines a new kernel parameter 'keys_ownerid' to identify > >>> the owner's key which must be used for trust validation of certificates. > >> "ca_keys" or "only_ca" instead, maybe? > > Neither of these names reflect the concept of the machine owner or a > > local key. The initial patches named it 'owner_keyid'. If kernel > > parameters don't need to be prefixed with the subsystem, we could revert > > the name change or call it localca_keyid. > > > > Mimi > > I neither against any of proposals. > > But considering that we use those keys to verify other keys, they become > ca keys. > So from that point of view I think 'ca_keys' reflects functionality > quite ok. > > localca_ prefix is may be not very relevant as builtin keys may > comesfrom kernel vendor (RH, Ubuntu) > and is not really local...
Ok. > so let's decide on 'ca_keys'? Ok. This change isn't limited to just the kernel boot parameter name, but needs to be reflected in the patch description and variable/function names. thanks, Mimi -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/