On 06/10/14 15:44, James Morris wrote: > On Fri, 3 Oct 2014, David Howells wrote: > >> Dmitry Kasatkin <d.kasat...@samsung.com> wrote: >> >>> BTW. But actually why signer is needed to find the key? >>> Every key has unique fingerprint. >> The SKID is by no means guaranteed unique, is not mandatory and has no >> defined >> algorithm for generating it. >> >>> Or you say that different certificates might have the same PK? >>> What I would consider strange. But anyway, if PK is the same, then >>> verification succeed. >> Do note: We *do* need to get away from using SKIDs. We have situations where >> we have to use a key that doesn't have one. >> > David, I need to push to Linus for 3.17 -- please finalize the fix for > this and send me a pull request. > > >
Hi David, I tested KEYS fixes and it works well for modules and integrity. http://git.kernel.org/cgit/linux/kernel/git/dhowells/linux-fs.git/log/?h=keys-next-fixes Thanks! - Dmitry -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
