Mailinglist Archive: opensuse (924 mails)

< Previous Next >
[opensuse] Re: Re: UEFI
  • From: JtWdyP <jtwdyp@xxxxxxxx>
  • Date: Fri, 26 Oct 2012 01:06:56 -0400 (EDT)
  • Message-id: <alpine.LNX.2.00.1210260038400.7320@localhost>

It would appear that on Oct 24, Greg Freemyer did say:

The keys themselves are public, but you as the hardware owner will
have to approve keys being added to public key database and therefore
ensure you are only adding public keys for entities you trust.

"trust"??? OK if I'm supposed to add keys based on trust, how to subtract

Actually I'm wondering about this:

These public keys are effectively embedded in the kernel code somehow right?
Or would it be possible for knowledgeable PC owner, to create his own "trust"
key set. And then use it to "sign" an existing, older, formerly unsigned
kernel. Then as PC Owner, add that key... {You see where I'm going with this
right?} And if so, is there any reason that technique couldn't be used to
install and run something like dos? {I have a couple of antique games you see}


To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse+owner@xxxxxxxxxxxx

< Previous Next >
Follow Ups