[Reproducible-builds] Reproducibility vs signatures
Holger Levsen
holger at layer-acht.org
Mon Aug 3 11:24:54 UTC 2015
Hi,
On Montag, 3. August 2015, Ben Hutchings wrote:
> Only the FTP team will be able to get shim signed by the Microsoft CA.
> Only the FTP team will be able to sign GRUB and the kernel using the
> private key for which the public part is embedded in shim.
>
> Users can add further trusted keys at boot time through the BIOS setup
> program or shim; then they can use their own signed kernels.
Thanks for clarifying.
About your original question, I dont have a good answer right now. I think it
would be a good topic to discuss at DebConf...! Thanks for bringing this up to
us already!
cheers,
Holger
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 828 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.alioth.debian.org/pipermail/reproducible-builds/attachments/20150803/dc2f225c/attachment.sig>
More information about the Reproducible-builds
mailing list