Establishing Trust in Linux Keyrings - Built-in, Imputed, or Transitive Trust

Explore the intricacies of trust establishment in Linux keyrings through this 32-minute conference talk presented by Elaine Palmer from IBM Research and George Wilson from IBM Linux Technology Center. Delve into the complexities of key usage across firmware, Linux kernel, and user space, examining their roles in signing, verifying, and encrypting other keys, code, and data. Investigate the challenges of dynamically establishing trust when authorities and relationships are unknown at build time. Learn about imputed trust derived from firmware and transitive trust based on certificate chains. Examine how keyrings in Linux define trust domains, scope, and key usage constraints, supporting various threat models. Review existing kernel keyrings, their applications, restrictions, and methods for evaluating trust in different scenarios.

Establishing Trust in Linux Keyrings - Is Trust Built-in, Imputed, or Transitive?