en:developers:regulatory:wireless-regdb
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision Next revision Both sides next revision | ||
|
en:developers:regulatory:wireless-regdb [2016/06/16 06:13] Andreas Mohr Correct typo |
en:developers:regulatory:wireless-regdb [2023/04/28 15:28] Christophe Doumenc [RSA Digital Signature] |
||
|---|---|---|---|
| Line 48: | Line 48: | ||
| ===== RSA Digital Signature ===== | ===== RSA Digital Signature ===== | ||
| - | Integrity of the binary regulatory file is ensured by digitally signing the regulatory data using a private key and embedding the signature into the binary file. When the file is loaded by the regulatory daemon the signature is checked against a list of public keys built into the regulatory daemon binary or by by checking against the list of public keys in a preconfigured directory. This process ensures regulatory.bin file authorship and integrity. | + | Integrity of the binary regulatory file is ensured by digitally signing the regulatory data using a private key and embedding the signature into the binary file. When the file is loaded by the regulatory daemon the signature is checked against a list of public keys built into the regulatory daemon binary or by checking against the list of public keys in a preconfigured directory. This process ensures regulatory.bin file authorship and integrity. |
| Both CRDA and wireless-regdb allows you to build it without RSA key signature checking, if this is something you find useless then do not use them, but we advise against it. The reason RSA digital signature checks are an option and is what is recommend is that regulatory bodies are highly sensitive towards compliance and the current infrastructure we have gives us best effort on our part of doing the best we can to ensure integrity of the files and also gives us a mechanism to use files from trusted parties on-the-fly. Distribution packaging tends to guarantee file integrity upon installation time and from a specific source but it does not give you on-the-fly file integrity checks. Integrity checks are possible through alternate means such as simple CRC checks but you'd then need a list of all allowed CRCs, by using RSA digital signatures you get both file integrity checks for _any_ binary built with the private key by checking for the signature -- and while at it you also can get file authorship protection -- all of this while the file is being read for usage in memory. Distributions do not protect against file corruption after the files are in place, for example. | Both CRDA and wireless-regdb allows you to build it without RSA key signature checking, if this is something you find useless then do not use them, but we advise against it. The reason RSA digital signature checks are an option and is what is recommend is that regulatory bodies are highly sensitive towards compliance and the current infrastructure we have gives us best effort on our part of doing the best we can to ensure integrity of the files and also gives us a mechanism to use files from trusted parties on-the-fly. Distribution packaging tends to guarantee file integrity upon installation time and from a specific source but it does not give you on-the-fly file integrity checks. Integrity checks are possible through alternate means such as simple CRC checks but you'd then need a list of all allowed CRCs, by using RSA digital signatures you get both file integrity checks for _any_ binary built with the private key by checking for the signature -- and while at it you also can get file authorship protection -- all of this while the file is being read for usage in memory. Distributions do not protect against file corruption after the files are in place, for example. | ||
| Line 64: | Line 64: | ||
| - | <code>To: seth.forshee@canonical.com | + | <code>To: sforshee@kernel.org |
| Cc: wireless-regdb@lists.infradead.org, linux-wireless@vger.kernel.org | Cc: wireless-regdb@lists.infradead.org, linux-wireless@vger.kernel.org | ||
| Subject: wireless-regdb: Update regulatory rules for France (FR) on 5GHz</code> | Subject: wireless-regdb: Update regulatory rules for France (FR) on 5GHz</code> | ||
en/developers/regulatory/wireless-regdb.txt ยท Last modified: 2023/12/22 03:50 by Chen-Yu Tsai
Page Tools
