en:developers:regulatory:wireless-regdb
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision Next revision Both sides next revision | ||
|
en:developers:regulatory:wireless-regdb [2015/11/24 07:42] Xose Vazquez Perez |
en:developers:regulatory:wireless-regdb [2023/04/28 15:28] Christophe Doumenc [RSA Digital Signature] |
||
|---|---|---|---|
| Line 48: | Line 48: | ||
| ===== RSA Digital Signature ===== | ===== RSA Digital Signature ===== | ||
| - | Integrity of the binary regulatory file is ensured by digitally signing the regulatory data using a private key and embedding the signature into the binary file. When the file is loaded by the regulatory daemon the signature is checked against a list of public keys built into the regulatory daemon binary or by by checking against the list of public keys in a preconfigured directory. This process ensures regulatory.bin file authorship and integrity. | + | Integrity of the binary regulatory file is ensured by digitally signing the regulatory data using a private key and embedding the signature into the binary file. When the file is loaded by the regulatory daemon the signature is checked against a list of public keys built into the regulatory daemon binary or by checking against the list of public keys in a preconfigured directory. This process ensures regulatory.bin file authorship and integrity. |
| Both CRDA and wireless-regdb allows you to build it without RSA key signature checking, if this is something you find useless then do not use them, but we advise against it. The reason RSA digital signature checks are an option and is what is recommend is that regulatory bodies are highly sensitive towards compliance and the current infrastructure we have gives us best effort on our part of doing the best we can to ensure integrity of the files and also gives us a mechanism to use files from trusted parties on-the-fly. Distribution packaging tends to guarantee file integrity upon installation time and from a specific source but it does not give you on-the-fly file integrity checks. Integrity checks are possible through alternate means such as simple CRC checks but you'd then need a list of all allowed CRCs, by using RSA digital signatures you get both file integrity checks for _any_ binary built with the private key by checking for the signature -- and while at it you also can get file authorship protection -- all of this while the file is being read for usage in memory. Distributions do not protect against file corruption after the files are in place, for example. | Both CRDA and wireless-regdb allows you to build it without RSA key signature checking, if this is something you find useless then do not use them, but we advise against it. The reason RSA digital signature checks are an option and is what is recommend is that regulatory bodies are highly sensitive towards compliance and the current infrastructure we have gives us best effort on our part of doing the best we can to ensure integrity of the files and also gives us a mechanism to use files from trusted parties on-the-fly. Distribution packaging tends to guarantee file integrity upon installation time and from a specific source but it does not give you on-the-fly file integrity checks. Integrity checks are possible through alternate means such as simple CRC checks but you'd then need a list of all allowed CRCs, by using RSA digital signatures you get both file integrity checks for _any_ binary built with the private key by checking for the signature -- and while at it you also can get file authorship protection -- all of this while the file is being read for usage in memory. Distributions do not protect against file corruption after the files are in place, for example. | ||
| Line 59: | Line 59: | ||
| ===== Sending updates to the regulatory database ===== | ===== Sending updates to the regulatory database ===== | ||
| - | If you find any errors please send them to the [[http://lists.infradead.org/mailman/listinfo/wireless-regdb|wirleess-regdb]](subscribers-only) mailing list and the [[en/developers/MailingLists|linux-wireless mailing list]], either as patches to the [[http://git.kernel.org/?p=linux/kernel/git/sforshee/wireless-regdb.git;a=blob;f=db.txt;hb=HEAD|db.txt]] file from the [[http://git.kernel.org/?p=linux/kernel/git/sforshee/wireless-regdb.git;a=summary|wireless-regdb git tree]], or just tell us what is wrong in plain English. | + | If you find any errors please send them to the [[http://lists.infradead.org/mailman/listinfo/wireless-regdb|wireless-regdb]](subscribers-only) mailing list and the [[en/developers/MailingLists|linux-wireless mailing list]], either as patches to the [[http://git.kernel.org/?p=linux/kernel/git/sforshee/wireless-regdb.git;a=blob;f=db.txt;hb=HEAD|db.txt]] file from the [[http://git.kernel.org/?p=linux/kernel/git/sforshee/wireless-regdb.git;a=summary|wireless-regdb git tree]], or just tell us what is wrong in plain English. |
| Patches sent to the wireless-regdb git tree should be addressed as follows: | Patches sent to the wireless-regdb git tree should be addressed as follows: | ||
| - | <code>To: seth.forshee@canonical.com | + | <code>To: sforshee@kernel.org |
| Cc: wireless-regdb@lists.infradead.org, linux-wireless@vger.kernel.org | Cc: wireless-regdb@lists.infradead.org, linux-wireless@vger.kernel.org | ||
| Subject: wireless-regdb: Update regulatory rules for France (FR) on 5GHz</code> | Subject: wireless-regdb: Update regulatory rules for France (FR) on 5GHz</code> | ||
en/developers/regulatory/wireless-regdb.txt ยท Last modified: 2023/12/22 03:50 by Chen-Yu Tsai
Page Tools
