| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 14 Feb 2007 19:40:57 +0000 From: David Howells <dhowells@...hat.com> To: Linus Torvalds <torvalds@...ux-foundation.org> Cc: akpm@...ux-foundation.org, herbert.xu@...hat.com, linux-kernel@...r.kernel.org, davej@...hat.com, arjan@...radead.org, linux-crypto@...r.kernel.org Subject: Re: [PATCH 0/6] MODSIGN: Kernel module signing Linus Torvalds <torvalds@...ux-foundation.org> wrote: > > (1) A cut-down MPI library derived from GPG with error handling added. > > Do we really need to add this? I presume you mean the MPI library specifically? If so, then yes. It's necessary to do DSA signature verification (or RSA for that matter). > Wouldn't it be much nicer to just teach people to use one of the existing > signature things that we need for _other_ cases anyway, and already have > merged? Existing signature things? I know not of such beasts, nor can I see them offhand. > (Of course, it's possible that none of the current crypto supports any > signature checking at all - I didn't actually look. In which case my > argument is pointless). Hashing, yes; encryption, yes; signature checking: no from what I can see. It's possible that I can share code with eCryptFS, though at first sight that doesn't seem to overlap with what I want to do. David - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists