A review of the kernel's release-signing practices
At the behest of the Linux Foundation, a security-oriented review of the kernel project's release-signing and key-management practices was done; the report from this work has now been published.
This review resulted in seven recommendations that can help improve the robustness of the security and use of the signing keys for the Linux Kernel. Additionally, Trail of Bits suggested that more comprehensive and up-to-date documentation on the current procedures and policies is needed to help organizations around the world to best understand the current stratagem.
See the full report for the details.