On 12/16/20 5:38 PM, Kevin Fenzi wrote:
On Wed, Dec 16, 2020 at 04:28:49PM -0500, przemek klosowski via devel wrote:
I was trying to make a point that we don't have a way to check the initial
image: it could be altered to falsely claim to be signed by fedoraproject.
well, we do: https://getfedora.org/security/
Right, but it's not automatic, and requires an existing known-good
system, which is the actual 'root of trust' here. This cannot be assumed
about a flash drive, which is why the automatic image check is hard.
I guess it would involve a secure boot into a fedora signed shim that
* retrieves the checksum over a verified TLS network connection
* checks the image against that.
_______________________________________________
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
