mirror of
https://github.com/golang/sys.git
synced 2026-02-08 11:46:04 +03:00
ef0ce17483
Asymmetric keyrings can require key payloads to be X.509 certificates signed by a key in a different keyring. This can be helpful for rotating keys on a live machines for subsystems like IMA while preventing local tampering. Tested locally by applying the "key_or_keyring:<id>" restriction to a keyring. Change-Id: Ia8dcb343abc5f405d374c357d5cac3d5181d7159 Reviewed-on: https://go-review.googlesource.com/c/sys/+/178400 Run-TryBot: Tobias Klauser <tobias.klauser@gmail.com> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Tobias Klauser <tobias.klauser@gmail.com>
59 KiB
59 KiB