Create and sign Country specific XO image
Martin Langhoff
martin.langhoff at gmail.com
Tue Jun 30 03:01:30 EDT 2009
On Tue, Jun 30, 2009 at 3:56 AM, Philipp Kocher<philipp.kocher at gmx.net> wrote:
> So getting our own keys in the manufacturing data is not an option.
It still is. Google for keyjector :-)
> What is the
> problem with the process described here
> http://blog.olenepal.org/index.php/archives/183?
For a more complete explanation, see the 'multiple keys' page you will
find googling for keyjector. Some major points:
- Forces you to depend on OLPC.
- Forces OLPC to audit your image before signing it.
- Your OLPC-signed image can be used on _any_ secure XO that uses
OLPC keys (instead of their own), not only the ones in your
deployment.
- By using OLPC's keys in your deployment, your XOs can be re-flashed
with any other OLPC signed image.
cheers,
martin
--
martin.langhoff at gmail.com
martin at laptop.org -- School Server Architect
- ask interesting questions
- don't get distracted with shiny stuff - working code first
- http://wiki.laptop.org/go/User:Martinlanghoff
More information about the Devel
mailing list