On Fri, 2016-07-22 at 12:01 +0100, David Howells wrote:
> I'm not sure this is the right venue for this, but keyrings will need
> to be
> namespaced/containerised at some point.
> 
> The problem is that it's an icky problem given that different key
> types really
> want to live in different namespaces, and upcalls may want to done in
> different containers, depending on the key type.
> 
> For example, DNS resolver keys - should they be in the network, the
> filesystem
> namespace or neither?  Should the upcall be in the current container
> or the
> root container?
> 
> Authentication keys, such as used by kafs and AF_RXRPC - should they
> be in the
> filesystem namespace (kafs is an fs), the network namespace (AF_RXRPC
> is a net
> protocol) or the user namespace?
> 
> Should crypto keys, such as the asymmetric key type, be in the user
> namespace?
> What about use by module signing?  Should key operations in the
> current
> container have access to a blacklist in the root container?  Should
> key
> verification in the current container have access to system
> keyrings?  The
> TPM?
> 
> This might actually be right for a hallway track.
> 
While figuring out the answers might be right for a hallway
track, it seems that enough maintainers might run into this
stuff later on that sharing the understanding could be good
for a general session.

There is no need to keep this knowledge obscure, especially
given that the more maintainers understand it, the less likely
it is that future mistakes will get merged.

-- 

All Rights Reversed.