KEYS: Add documentation for asymmetric keyring restrictions
Provide more specific examples of keyring restrictions as applied to X.509 signature chain verification. Signed-off-by: Mat Martineau <mathew.j.martineau@linux.intel.com> Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: James Morris <james.l.morris@oracle.com>
This commit is contained in:
Mat Martineau
committed by
James Morris
James Morris
parent
4f9dabfaf8
commit
7228b66aaf
@@ -894,6 +894,12 @@ The keyctl syscall functions are:
|
||||
To apply a keyring restriction the process must have Set Attribute
|
||||
permission and the keyring must not be previously restricted.
|
||||
|
||||
One application of restricted keyrings is to verify X.509 certificate
|
||||
chains or individual certificate signatures using the asymmetric key type.
|
||||
See Documentation/crypto/asymmetric-keys.txt for specific restrictions
|
||||
applicable to the asymmetric key type.
|
||||
|
||||
|
||||
Kernel Services
|
||||
===============
|
||||
|
||||
|
||||
Reference in New Issue
Block a user