#4707 HIGH Never A: Losing the RTC date bricks secure machines
Zarro Boogs per Child
bugtracker at laptop.org
Wed Nov 7 19:01:40 EST 2007
#4707: Losing the RTC date bricks secure machines
----------------------------------+-----------------------------------------
Reporter: wmb at firmworks.com | Owner: wmb at firmworks.com
Type: defect | Status: new
Priority: high | Milestone: Never Assigned
Component: ofw - open firmware | Version:
Resolution: | Keywords:
Verified: 0 |
----------------------------------+-----------------------------------------
Comment(by wmb at firmworks.com):
Fixed by svn 724.
The way it works now is that an invalid clock time is no longer a fatal
error - you see a warning message and a sad face, but the machine doesn't
refuse to progress. However, any timed signature (e.g. lease) is deemed
to have expired if the clock time is bogus, so you can still boot
actos.zip , handle developer keys, etc.
I also unified the handling of developer and lease signatures with respect
to expiration. Either can now expire or not. If the expiration date is
the special value 00000000T000000Z, then the signature is permanent and
is not compared with the clock. This is compatible with existing
practice, because all the developer keys we have issued to date use the
special non-expiring value, and none of the leases do.
--
Ticket URL: <http://dev.laptop.org/ticket/4707#comment:1>
One Laptop Per Child <http://dev.laptop.org>
OLPC bug tracking system
More information about the Bugs
mailing list