>>> On 20.04.16 at 19:33, wrote:
> * Userspace tooling
>
> Plan to move to xl / libxl. Need to have stable interface in libxl
> Tool is simple now, but might be more complex when sig verification
> is involved.
>
> Jan: use external utility to veirfy, better. Xl should only do basic
> uplo
* Signature verification
Code bloat to verify all sort of sigs. Limit to two types of sigs
Verify in hypervisor seems to be the only way.
What extra security provides? It ensure binaries you get is from the
vendor.
Can do in userspace in Dom0? Questionable, even Linux doesn't trust
modul
