From: David Howells <dhowells@redhat.com>
To: Mimi Zohar <zohar@linux.vnet.ibm.com>
Cc: dhowells@redhat.com, keyrings <keyrings@linux-nfs.org>,
linux-security-module <linux-security-module@vger.kernel.org>,
linux-kernel <linux-kernel@vger.kernel.org>,
Josh Boyer <jwboyer@redhat.com>,
Matthew Garrett <mjg59@srcf.ucam.org>,
Dmitry Kasatkin <dmitry.kasatkin@gmail.com>
Subject: Re: [PATCH v6 0/6] ima: extending secure boot certificate chain of trust
Date: Wed, 09 Jul 2014 19:56:48 +0100 [thread overview]
Message-ID: <8975.1404932208@warthog.procyon.org.uk> (raw)
In-Reply-To: <1404924054.14643.36.camel@dhcp-9-2-203-236.watson.ibm.com>
Mimi Zohar <zohar@linux.vnet.ibm.com> wrote:
> Yes, that's fine. My concern, however, is that the trusted keyring
> patches are independent of the other patches being upstreamed and should
> be upstreamed regardless of the other patches.
There is overlap in the X.509 certificate request function that you took from
my pkcs#7 patches.
David
next prev parent reply other threads:[~2014-07-09 18:57 UTC|newest]
Thread overview: 28+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-06-24 14:40 [PATCH v6 0/6] ima: extending secure boot certificate chain of trust Mimi Zohar
2014-06-24 14:40 ` [PATCH v6 1/6] KEYS: special dot prefixed keyring name bug fix Mimi Zohar
2014-06-27 13:24 ` David Howells
2014-06-24 14:40 ` [PATCH v6 2/6] KEYS: verify a certificate is signed by a 'trusted' key Mimi Zohar
2014-06-24 14:40 ` [PATCH v6 3/6] KEYS: make partial key id matching as a dedicated function Mimi Zohar
2014-06-27 13:38 ` David Howells
2014-06-30 13:14 ` Dmitry Kasatkin
2014-06-30 19:20 ` Mimi Zohar
2014-06-24 14:40 ` [PATCH v6 4/6] KEYS: validate certificate trust only with selected owner key Mimi Zohar
2014-06-27 13:55 ` David Howells
2014-06-27 17:44 ` Mimi Zohar
2014-06-30 13:47 ` Dmitry Kasatkin
2014-06-30 13:57 ` Mimi Zohar
2014-06-24 14:40 ` [PATCH v6 5/6] KEYS: validate certificate trust only with builtin keys Mimi Zohar
2014-06-27 13:54 ` David Howells
2014-06-27 17:50 ` Mimi Zohar
2014-06-24 14:40 ` [PATCH v6 6/6] ima: define '.ima' as a builtin 'trusted' keyring Mimi Zohar
2014-06-27 14:17 ` David Howells
2014-07-09 15:31 ` [PATCH v6 0/6] ima: extending secure boot certificate chain of trust David Howells
2014-07-09 16:40 ` Mimi Zohar
2014-07-09 18:56 ` David Howells [this message]
2014-07-09 21:29 ` Mimi Zohar
2014-07-10 14:47 ` Dmitry Kasatkin
2014-07-13 21:06 ` David Howells
2014-07-16 13:15 ` Mimi Zohar
2014-07-17 19:43 ` David Howells
2014-07-17 20:07 ` Mimi Zohar
2014-07-17 20:37 ` David Howells
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=8975.1404932208@warthog.procyon.org.uk \
--to=dhowells@redhat.com \
--cc=dmitry.kasatkin@gmail.com \
--cc=jwboyer@redhat.com \
--cc=keyrings@linux-nfs.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=mjg59@srcf.ucam.org \
--cc=zohar@linux.vnet.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox