Arch Linux and Valve Collaboration
https://lists.archlinux.org/archives/list/[email protected]/thread/RIZSKIBDSLY4S5J2E2STNP5DH4XZGJMR/
What you are proposing doesn't exist.
The signing enclaves would move the package signing from the developer keys to a central signing key. It would avoid the current problem where users have issues with our developer keys because of outdated systems.
We could also support Secure Boot with a signed shim, but this is further down the pipeline.
Basically what Morten wrote above.
Whether and to what extent Valve uses what we do is out of our hands. Generally speaking, we do hope to create broadly reusable code (as always) though.
More details about the (work on the) signing service can be gotten via the following link:
https://chaos.social/@dvzrv/113204676874021796
My talk "Boring Infrastructure: Building a secure signing environment" from #asg2024 is online: https://media.ccc.de/v/all-systems-go-2024-263-boring-infrastructure-building-a-secure-signing-environment You can find the slides for it at: https://pkgbuild.com/~dvzrv/presentations/all-systems-go-2024/ #AllSystemsGo #OpenPGP #DigitalSignature #Signing #Berlin #Linux #ArchLinux #Signstar