* [U-Boot-Users] Support for verifying the certificate signatures on the downloaded files?
@ 2004-11-01 22:55 Shekhar Kshirsagar
2004-11-02 22:25 ` Detlev Zundel
0 siblings, 1 reply; 3+ messages in thread
From: Shekhar Kshirsagar @ 2004-11-01 22:55 UTC (permalink / raw)
To: u-boot
Based on my reading of the u-boot documentation, at present u-boot there is no support for verification of certificate signatures in the downloaded files.
If, this Is correct, has somebody considered adding support for this to u-boot?
Thanks,
Shekhar
^ permalink raw reply [flat|nested] 3+ messages in thread
* [U-Boot-Users] Support for verifying the certificate signatures on the downloaded files?
2004-11-01 22:55 [U-Boot-Users] Support for verifying the certificate signatures on the downloaded files? Shekhar Kshirsagar
@ 2004-11-02 22:25 ` Detlev Zundel
2004-11-02 23:18 ` Wolfgang Denk
0 siblings, 1 reply; 3+ messages in thread
From: Detlev Zundel @ 2004-11-02 22:25 UTC (permalink / raw)
To: u-boot
Hi Shekhar,
> Based on my reading of the u-boot documentation, at present u-boot
> there is no support for verification of certificate signatures in
> the downloaded files. If, this Is correct, has somebody considered
> adding support for this to u-boot?
You mean checking downloaded image files signed by certificates? Um,
I am not sure what you want to do this for in a _bootloader_ - sure
U-Boot gets big but its still no operating system :) Honestly, I
don't understand the use for it, may be you can shed some more light
on this.
And just to consider the thought some more - I don't want to argue
with Wolfgang for the storage of the CA certificates :)
Cheers
Detlev
--
SWYM XYZ (Sympathize with your machinery). [..] In fact it is often
called a no-op, because it performs no operation. It does, however,
keep the machine running smoothly, just as real-world swimming helps
to keep programmers healthy. -- Donald Knuth, Fascicle 1
^ permalink raw reply [flat|nested] 3+ messages in thread
* [U-Boot-Users] Support for verifying the certificate signatures on the downloaded files?
2004-11-02 22:25 ` Detlev Zundel
@ 2004-11-02 23:18 ` Wolfgang Denk
0 siblings, 0 replies; 3+ messages in thread
From: Wolfgang Denk @ 2004-11-02 23:18 UTC (permalink / raw)
To: u-boot
In message <87mzxz3n3o.fsf@deepthought.outer.space.org> you wrote:
>
> > Based on my reading of the u-boot documentation, at present u-boot
> > there is no support for verification of certificate signatures in
> > the downloaded files. If, this Is correct, has somebody considered
> > adding support for this to u-boot?
>
> You mean checking downloaded image files signed by certificates? Um,
> I am not sure what you want to do this for in a _bootloader_ - sure
Well, I've heard that song before. It goes something like this:
let'smake sure that our cutomers cannot run any modified images. We
know what the customer wants (usually better than he himself), and
there is no reason to meddle with our perfect solutions.
Usually these people forget that U-Boot is under GPL, so they have to
deliver the full source code to the customer, and all it takes to
disable this expensive (in terms of effort, boot time and memory
footprint) extension is deleting a "#define" in a board config file.
Best regards,
Wolfgang Denk
--
See us @ Embedded/Electronica Munich, Nov 09 - 12, Hall A.6 Booth 513
Phone: (+49)-8142-66989-10 Fax: (+49)-8142-66989-80 Email: wd at denx.de
If I have seen further it is by standing on the shoulders of giants.
- Isaac Newton, Letter to Robert Hooke, 5 February 1676
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2004-11-02 23:18 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2004-11-01 22:55 [U-Boot-Users] Support for verifying the certificate signatures on the downloaded files? Shekhar Kshirsagar
2004-11-02 22:25 ` Detlev Zundel
2004-11-02 23:18 ` Wolfgang Denk
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.