[PATCH v5 1/4] certs: Add EFI_CERT_X509_GUID support for dbx entries
dhowells at redhat.com
Thu Jan 28 15:58:03 UTC 2021
Nayna <nayna at linux.vnet.ibm.com> wrote:
> Thanks Eric for clarifying. I was confusing it with with the broader meaning
> of revocation i.e. certificate revocation list. To avoid similar confusion in
> the future, I wonder if we should call it as 'blocklist' or 'denylist' as
> suggested in the document. This is to avoid conflicts with actual CRL support
> if added in the future. I also wonder if we should add the clarification in
> the patch description.
Reject-list might be better.
More information about the Linux-security-module-archive