Document the preference of using HSMs than other forms of securing private keys #448
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Signed-off-by: Kamil Aronowski <[email protected]>
Showcasing, how important HSMs are, might be realized as a community-backed venue for helping out setting these, especially when workarounds are needed for some of the problematic tokens. Add an example entry meant to be run in a test environment and link to it in the docs. Signed-off-by: Kamil Aronowski <[email protected]>
docs/submitting.md
Outdated
| @@ -109,9 +109,20 @@ There are strong recommendations on the types of certificates that | |||
| should be used in shim, and also on how keys should be managed for | |||
| security. See the 12th bullet in [Microsoft UEFI Signing | |||
| Requirements](https://techcommunity.microsoft.com/t5/hardware-dev-center/updated-uefi-signing-requirements/ba-p/1062916) | |||
| for tips on this, and also some sugested schems for key and certificate | |||
| for tips on this, and also some suggested schems for key and certificate | |||
|
I'm not sure the softhsm example setup belongs here - maybe better as a personal blog / repo? |
"schems" -> "schemes", as per PR rhboot#448 Signed-off-by: Kamil Aronowski <[email protected]>
|
Fixed.
|
|
I can remove that example, but should we nevertheless stick with the HCL idea
and simply use physical HSMs as examples there, or remove it altogether?
Considering the former, I'd wait until we have at least one of such examples
ready for showcasing, what we expect from others, then replace the proposed one.
Otherwise we would have this list empty - not an inviting sight to see for
those, who still set up their own signing infrastructure.
|
As discussed, this might work better as an unofficial post, than official venue. Signed-off-by: Kamil Aronowski <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
As per the call on October 7, 2024, documenting why HSMs should be used
instead of other methods of protecting private keys.
Showcasing, how important HSMs are, might be realized as a
community-backed venue for helping out setting these, especially when
workarounds are needed for some of the problematic tokens. Add an
example entry meant to be run in a test environment and link to it in
the docs.