Hi Wolfgang, On 9 May 2014 07:35, Wolfgang Denk <w...@denx.de> wrote: > Dear Simon, > > In message > <CAPnjgZ1_Cf-eu592YqF0=th7mt1da6gh7pv1lxaf79kv8lw...@mail.gmail.com> you > wrote: >> >> I agree that it might be dangerous to allow legacy boot when signature >> verification is used. It would be nice to fix that. > > I think there is general agreement on this point. > >> This means that legacy is on by default, unless signature verification >> is enabled, in which case the default flips. But I worry that it might >> only confuse people. This seems like a Wolfgang / Tom question :-) > > OK, here is my 0.02€ to it: > > I think, no matter how we implement it, this should exactly the > behaviour. Average users tend to avoid reading documentation, so if > they enable signature verification the most likely want a secure > system, so we should give them just that. Only if someone really > knows what he is doing he should be able to enable support for > (insecure) legacy images. > > As for the implementation - yes, the > #ifdef CONFIG_FIT_SIGNATURE_VERIFICATION > approach indeed does not look very nice, but then, it appears to be > the straightforward implementation of what we want to do?
OK, well in that case, let's do it that way. Regards, Simon _______________________________________________ U-Boot mailing list U-Boot@lists.denx.de http://lists.denx.de/mailman/listinfo/u-boot
