James Morris wrote:
> > However, we don't have to include the DSA stuff in the kernel; I can always
> > discard that patch from the upstream-aimed patchset.
>
> I'd encourage dropping DSA, as there appears to be no legacy justification
> for its inclusion.
Okay, done that.
David
--
To unsubs
On Mon, 5 Dec 2011, David Howells wrote:
> However, we don't have to include the DSA stuff in the kernel; I can always
> discard that patch from the upstream-aimed patchset.
I'd encourage dropping DSA, as there appears to be no legacy justification
for its inclusion.
- James
--
James Morris
H. Peter Anvin wrote:
> Do we really need the complexity of a full OpenPGP parser? Parsers are
> notorious security problems.
Actually, I don't have a full PGP parser. I only handle the minimum I need.
It can parse the packet stream, public key packets and signature packets.
That's it. I cann
On 11/29/2011 03:42 PM, David Howells wrote:
>
> I have provided a couple of subtypes: DSA and RSA. Both types have signature
> verification facilities available within the kernel, and both can be used for
> module signature verification with any encryption algorithm known by the PGP
> parser, pr
On Tue, Nov 29, 2011 at 11:42:58PM +, David Howells wrote:
>
> Here are a set of patches that create a framework for using cryptographic keys
> within the kernel. The patches can also be found at:
>
>
> http://git.kernel.org/?p=linux/kernel/git/dhowells/linux-modsign.git;a=shortlog;h=
Here are a set of patches that create a framework for using cryptographic keys
within the kernel. The patches can also be found at:
http://git.kernel.org/?p=linux/kernel/git/dhowells/linux-modsign.git;a=shortlog;h=refs/heads/devel
The basic crypto key has no requirements as to how the