Subject: Re: Verifying a kernel.
To: Jonathan Stone <jonathan@dsg.stanford.edu>
From: Steven M. Bellovin <smb@cs.columbia.edu>
List: tech-kern
Date: 07/20/2005 22:54:18
In message <E1DvMXP-0007X9-00@smeg.dsg.stanford.edu>, Jonathan Stone writes:
>
>(OTOH, a real digital signature on kernels, or a signature of a SHA512
>hash, sounds really neat; but where can a bootloader get the material
>to verify a real signature?)
>
See http://www.cis.upenn.edu/~waa/aegis.ps
--Steven M. Bellovin, http://www.cs.columbia.edu/~smb