3 Oct 2024 |
ElvishJerricco | yea, and like regular lanzaboote stub it would just contain the path and hash of the component rather than its contents | 21:00:42 |
ElvishJerricco | but yea the point is to separate code from manifest | 21:01:21 |
ElvishJerricco | e.g. so that one day we can have vendor signed lanzaboote and MOK signed manifests | 21:01:34 |
raitobezarius | which is achieved ironically by making the manifest an executable | 21:01:35 |
ElvishJerricco | yes :P | 21:01:44 |
raitobezarius | someday, secureboot 2.0 will happen | 21:01:59 |