|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: Security Use Requirements (and security issue with iSCSI boot deployment)>Short of digitally signing every block, a practical way out is to for each >loaded image to verify the integrity of the subsequent image to be loaded (if any). The PXE approach is to sign the entire boot image, and verify the signature using a public key that was pre-loaded into the PC, typically by the OEM (on the customer's behalf). If you need this kind of code signing from the start, then you'll need to include that capability in the initial boot image that you retrieve via PXE. As you've stated, that initial boot image should include iSCSI driver support.
Home Last updated: Tue Sep 04 01:05:32 2001 6315 messages in chronological order |