Verified Commit 49fbf4a9 authored by anarcat's avatar anarcat 💥
Browse files

notes on the kernel transparency log

parent 711cb9ec
Loading
Loading
Loading
Loading
+6 −0
Original line number Diff line number Diff line
@@ -1230,6 +1230,12 @@ holds the public keys:
It's unclear, however, why the latter spec wasn't reused. To be
investigated.

Update, 2022-04-20: someone actually went through the trouble of
[auditing the transparency log](https://tlog.linderud.dev/), which is an interesting exercise
in itself. The [verifier source code](https://github.com/Foxboron/kernel.org-git-verifier) is available, but probably
too specific to Linux for our use case. [Their notes are also
interesting](https://linderud.dev/blog/monitoring-the-kernel.org-transparency-log-for-a-year/).

### Ryabitsev: Secure Scuttlebutt

A more exotic proposal is to [use the Secure Scuttlebutt (SSB)