Re: [Linux-ima-user] IMA/EVM

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

On Fri, 2015-03-20 at 08:45 -0400, Mimi Zohar wrote:

> 
> Yes, definitely!  Either build the local CA's key into the kernel or
> import the CA's public key into the MoK db (eg. using mokutil).  Use
> your public CA key to sign the other certificates containing the keys to
       ^^^^^^ 
> be loaded onto the IMA keyring.

That should have been: "Use the private CA key".

Mimi