Re: UEFI Secure Boot sprint report

To: tfheen@debian.org
Cc: debian-project@lists.debian.org
Subject: Re: UEFI Secure Boot sprint report
From: Hideki Yamane <henrich@iijmio-mail.jp>
Date: Mon, 7 May 2018 22:38:43 +0900
Message-id: <[🔎] 20180507223843.4ec3bad563f9b100baa168a7@iijmio-mail.jp>
In-reply-to: <8736zdx0hj.fsf@err.no>

Hi,

> In the end, we decided to have a signing service which will construct
> a source package based on a "template" package and a list of files to
> sign and upload this to be processed by the normal buildd and dak
> processes. The signing service will also have an audit log which makes
> it public what was signed and when.

 I'm curious how this works.

 * source package was modified to generate <package>-$ARCH-signed-template
   binary package
 * dput it to repo and dak would pass to code sign service?
 * sign binary package??


 Please let know it or give an URL for it to help me to understand it,
 since I want to explain it on an article on Japanese tech magazine.


-- 
Regards,

 Hideki Yamane     henrich @ debian.org/iijmio-mail.jp

Reply to:

Follow-Ups:
- Re: UEFI Secure Boot sprint report
  - From: Tollef Fog Heen <tfheen@err.no>

Prev by Date: Re: Power-Management
Next by Date: Re: future of Debian's derivatives efforts?
Previous by thread: Re: Power-Management
Next by thread: Re: UEFI Secure Boot sprint report
Index(es):
- Date
- Thread