Hi John, On Wed, Aug 08, 2018 at 08:07:01PM +0200, John Crispin wrote: > Hi All, > > $magic feature, please elaborate, kthxbye
ucert [1] is a way to allow trust delegation and revocation on top of usign/signify intended for sysupgrade images. Functionality to make use of ucert to automatically sign generated images and verify them on the target has recently been added to OpenWrt (image signatures are verified if present, they are not mandatory unless $REQUIRE_IMAGE_SIGNATURE is set to '1'). Background: During battlemesh in Porto we decided upon sysupgrade image metadata and also had a vague idea how signing sysupgrade images would be implemented in the same fashion as image metadata. However, when @aparcar came up with the sysupgrade-image-server [2] we quickly realised that simply using usign won't be sufficient or at least it felt a bit fishy to have an eternal irrevokable private key on a machine processing complex input from anonymous users of The Internet. Hence, in this year's wireless meshup we discussed how the most simple way to delegate (and limit and possibly revoke) keys to those automated build servers could work. After mapping out the basic idea, WIO [3] agreed to sponsor the initial development of ucert. Apart from sysupgrade images, ucert may also be used for other payloads in situations where using X.509/ASN.1 or relying on TLS isn't feasible, such as config distribution/provisioning. For example on low-cost routers (eg. devices with only 4MB flash): Using opkg (even to just update the openwrt-keyring) or stroring ca-certificates for X.509 or using GnuPG would be utopic on those boxes. If you or anyone got any questions regarding ucert, always feel free to contact me! Cheers Daniel [1]: https://git.openwrt.org/?p=project/ucert.git;a=blob;f=README.md [2]: https://github.com/aparcar/attendedsysupgrade-server [3]: http://wiowireless.com _______________________________________________ openwrt-devel mailing list [email protected] https://lists.openwrt.org/mailman/listinfo/openwrt-devel
