Re: DSA GnuPG signatures

grub-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: DSA GnuPG signatures

From:	Andrey Borzenkov
Subject:	Re: DSA GnuPG signatures
Date:	Sun, 13 Jan 2013 12:33:30 +0400

В Fri, 11 Jan 2013 21:54:22 +0100
Vladimir 'φ-coder/phcoder' Serbinenko <address@hidden> пишет:

> Hello, all. I've just committed import of libgcrypt and implementation
> of related code to check signatures. Short usage:
> verify_detached FILE FILE.sig [pubkey.gpg]

Just to be sure. Signature is created using

gpg --detach-sign FILE

correct?

> trust KEY.gpg
> distruct KEYID

distrust?

> check_signatures=[enforce|no]
>

There is no command to list currently trusted keys. Would it be
useful? key_list or "trust --list"?
 
> grub-mkimage -k KEY gcry_dsa verify [...]
> 
> When check_signatures=enforce every time anthing tries to open a file
> its signature (file.sig) is looked for and the open fails if signature
> is absent or invalid.

This means - *any* file, including grub.cfg, themes etc? Or does it
apply to modules only?

signature.asc
Description: PGP signature

[Prev in Thread]

Current Thread

[Next in Thread]

DSA GnuPG signatures, Vladimir 'φ-coder/phcoder' Serbinenko, 2013/01/11
- Re: DSA GnuPG signatures, Colin Watson, 2013/01/11
  - Re: DSA GnuPG signatures, Vladimir 'φ-coder/phcoder' Serbinenko, 2013/01/11
- Re: DSA GnuPG signatures, Andrey Borzenkov <=
  - Re: DSA GnuPG signatures, Vladimir 'φ-coder/phcoder' Serbinenko, 2013/01/13
- Re: DSA GnuPG signatures, Andrey Borzenkov, 2013/01/31

Prev by Date: Re: DSA GnuPG signatures
Next by Date: Re: DSA GnuPG signatures
Previous by thread: Re: DSA GnuPG signatures
Next by thread: Re: DSA GnuPG signatures
Index(es):
- Date
- Thread