I wrote an article about best practices (including travel tips) for PureBoot, @purism 's #FOSS tamper-evident boot firmware that allows the user to control all of the keys and secrets used for the signing process. Check it out here: https://puri.sm/posts/pureboot-best-practices/
I've gotten some questions about Packagekit and why we don't provide interactive signing during package updates. I talk at length about some of the challenges with that approach here: https://github.com/osresearch/heads/issues/533
@kyle @purism firstly I saw Purism, then PureOS, then now PureBoot. Nice, Puri.sm people, and thanks @kyle for this article.
Librem Social is an opt-in public network. Messages are shared under Creative Commons BY-SA 4.0 license terms. Policy.
Stay safe. Please abide by our code of conduct.