[GIT PULL] KEYS: Blacklisting, restrictions and DH
James Morris
jmorris at namei.org
Mon Apr 17 21:38:45 UTC 2017
On Wed, 12 Apr 2017, David Howells wrote:
>
> Hi James,
>
> Could you pull these changes into security/next please:
>
> (1) Provide a blacklist keyring and a blacklist key type such that X.509
> keys and PKCS#7 certs can be blacklisted. It is possible to load the
> blacklist from a file at compile time. A future patch will
> additionally load the blacklist from the UEFI blacklist if available.
>
> (2) Make it possible to create a userspace keyring and to apply a
> restriction to it such that no new keys can be added unless they meet
> the criteria.
>
> (3) Add SP800-56A KDF support for the DH operation.
>
Pulled, thanks.
--
James Morris
<jmorris at namei.org>
--
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to majordomo at vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
More information about the Linux-security-module-archive
mailing list