Hi, at the risk of wading into the weeds, you mentioned below that:
"...it also has the advantage that the core and kernel snaps are signed readonly squashfses and can not just be modified which adds a great amount of extra security."

Is there a Wiki or document explaining the signature private key's life cycle management? For example, what process happens when the key expires or is compromised? Who is the entity that actually *signs* the file system?

If you built a custom kernel and/or device drivers, how would your binaries interact with this file system signature's verification? Can you substitute your own software factory/store's signature? If you operate your own private CA and sign some file objects within the snap, does that CA need to be cross-certified with the trust anchor CA that is vouching for the identity applying the core/kernel file system signature?

tia,
George

On Fri, 2017-01-20 at 15:14 +0100, Oliver Grawert wrote:
<snipped for brevity>

--
Snapcraft mailing list
Snapcraft@lists.snapcraft.io
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/snapcraft