Navigation
Search
|
A review of the kernel's release-signing practices
Wednesday June 23, 2021. 09:33 PM , from LWN.net
At the behest of the Linux Foundation, a security-oriented review of the
kernel project's release-signing and key-management practices was done; the report from this work has now been published. This review resulted in seven recommendations that can help improve the robustness of the security and use of the signing keys for the Linux Kernel. Additionally, Trail of Bits suggested that more comprehensive and up to date documentation on the current procedures and policies are needed to help organizations around the world to best understand the current stratagem. See the full report for the details.
https://lwn.net/Articles/860681/rss
|
25 sources
Current Date
Apr, Sat 20 - 00:56 CEST
|