[PATCH v5 1/4] certs: Add EFI_CERT_X509_GUID support for dbx entries

David Howells dhowells at redhat.com
Thu Jan 28 15:58:03 UTC 2021

Nayna <nayna at linux.vnet.ibm.com> wrote:

> Thanks Eric for clarifying. I was confusing it with with the broader meaning
> of revocation i.e. certificate revocation list. To avoid similar confusion in
> the future, I wonder if we should call it as 'blocklist' or 'denylist' as
> suggested in the document. This is to avoid conflicts with actual CRL support
> if added in the future. I also wonder if we should add the clarification in
> the patch description.

Reject-list might be better.


More information about the Linux-security-module-archive mailing list