On Wed, Dec 15, 2021 at 09:27:42AM +0000, Roberto Sassu via devel wrote:
> Hello everyone
> 
> I have done some work in the integrity subsystem, called
> Digest Lists Integrity Module (DIGLIM).
> 
> It simplifies the effort necessary to do IMA appraisal, by
> reusing the digests included in the header of existing
> RPM packages as reference values. It wouldn't require
> any change in the building infrastructure.
> 
> It also provides an alternative way of attesting systems,
> by keeping the TPM PCR extended with software
> measurements, stable and predictable. The main benefit
> is the ability to seal a TPM key to the desired software
> configuration, so that a TLS secure communication can
> be established when only software from installed RPMs
> is executed. It would be possible to integrate this solution
> in Keylime.
> 
> I have proposed this feature for upstream inclusion:
> 
> https://lore.kernel.org/linux-integrity/20210914163401.864635-1-roberto.sa...@huawei.com/
> 
> I also rebuilt the Fedora kernel in copr, with DIGLIM:
> 
> https://copr.fedorainfracloud.org/coprs/robertosassu/DIGLIM/
> 
> You can find the instructions about how to use it here:
> 
> https://lore.kernel.org/linux-integrity/48cd737c504d45208377daa27d625...@huawei.com/
> 
> I would like to join one of your subgroups, for example
> fedora-contributor, so that I can propose a new feature
> for Fedora 36/37.

You don't need any particular group membership to propose changes. :) 
https://docs.fedoraproject.org/en-US/program_management/changes_policy/

Of course being a fedora packager is useful if your change involves
updates/changes to packages, but you could submit them as PR's and
convince existing maintainers to merge them. 

kevin

Attachment: signature.asc
Description: PGP signature

_______________________________________________
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

Reply via email to