On Mon, 2017-01-23 at 12:02 +0000, Luca Boccassi wrote:
> > On Fri, 02 Sep 2016 16:54:10 +0100 Ben Hutchings <ben@decadent.org.uk> wrote:
> > Control: severity -1 important
> >
> > On Fri, 10 Jun 2016 16:55:43 +0100 Ben Hutchings <ben@decadent.org.uk>
> > wrote:
> > > Package: src:linux-signed
> > > Version: 1.1
> > > Severity: serious
> > >
> > > Several changes are needed before it's ready for release:
> > >
> > > 1. Building signed udebs
> > > 2. Removing the -signed suffix from signed image packages
> >
> > These are now done as of version 2.2.
> >
> > > 3. Signing with an HSM
> >
> > This is not, and it really should be, but I think we can't treat this
> > as a blocker for testing propagation.
> >
> > Ben.
>
> Hello Ben,
>
> I've done some minor changes to add flags to use pesign which supports
> hardware tokens via PKCS11. Inline patch for review.
>
> Fortunately kbuild's sign-file already supports just passing a PKCS11
> URI, which makes it so much simpler. On the other hand as you most
> likely have found out already pesign needs an NSS DB and cert nicknames
> and tokens, and all in all it's a really awkward API to use, but that's
> what we have to work with I suppose.
>
> What do you think?

What I left implicit in step 3 was '...held by the FTP team'. I could
use a smartcard for signing but there's never going to be a trust path
from a Microsoft or OEM certificate to my personal key (nor do I want
to be the only uploader of src:linux-signed).

The work towards that is tracked by #821051.

Ben.

-- 
Ben Hutchings
Hoare's Law of Large Problems:
Inside every large problem is a small problem struggling to get out.