| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <871uc2pxe5.fsf@mid.deneb.enyo.de> Date: Tue, 26 Feb 2013 22:40:02 +0100 From: Florian Weimer <fw@...eb.enyo.de> To: Chris Friesen <chris.friesen@...band.com> Cc: Matthew Garrett <mjg59@...f.ucam.org>, Peter Jones <pjones@...hat.com>, Linus Torvalds <torvalds@...ux-foundation.org>, David Howells <dhowells@...hat.com>, Josh Boyer <jwboyer@...hat.com>, Vivek Goyal <vgoyal@...hat.com>, Kees Cook <keescook@...omium.org>, keyrings@...ux-nfs.org, Linux Kernel Mailing List <linux-kernel@...r.kernel.org> Subject: Re: [GIT PULL] Load keys from signed PE binaries * Chris Friesen: > On 02/25/2013 10:14 AM, Matthew Garrett wrote: >> Windows 8 will not load unsigned drivers if Secure Boot is enabled. > > For reference: > > http://msdn.microsoft.com/en-us/library/windows/desktop/hh848062%28v=vs.85%29.aspx Thanks. Do you know perchance of any other Microsoft documentation in this area, that is, their PKI architecture, the signing and revocation policies, or even security objectives for the Secure Boot implementation? The Windows 8 logo requirements are pretty thin on this and only specify the "Microsoft Windows Production PCA 2011" (which is used to sign the Windows boot loader). Policy-wise, I've seen very little published information (most of it is hearsay), and as to the objectives, I'm really in the dark. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists