-
### Issue description
Updating DS records after a KSK rollover is typically a manual task. Manual tasks are bad because they are error-prone and require humans. Humans are good people (mostly), but D…
-
Hi,
I am following your tutorial on YouTube for ONIE secure Boot tutorial.
I am attempting to generate the keys using the command:
$: make MACHINE=kvm_x86_64 signing-keys-install.
A majority o…
-
I have an issuing CA setup that I can issue default certificates from, but cannot get signing profiles to work. On the CA I'm using the following configuration:
``` json
{
"auth_keys": {
"serve…
-
equiring TOTP or security keys for uploading artifacts could prevent attackers from uploading mods to compromised accounts in the event that a signing certificate is leaked; or if signing certificates…
-
Your first run should be `barge wizard`, which should follow this script:
1. Do you have an Airship supplier account?
- Yes -> Go to Step 2
- No -> Instruct user to create one at the correct URL…
-
signingKey should generally refer to a set of keys, except for insert token (which should bind to the specific key that the token was issued against).
-
### Steps to reproduce
1. Sign up
2. Log in
3. Immediately log out, before setting up 4S (presumably)
4. Log back in:
 ideas. In TFLint, we distribute signatures and a public key to verify that the release was cr…
-
### Summary
Route53 allows enabling DNSSEC keys on registered domain, and also enable DNSSEC signing per hosted zone. It would be amazing if this was configurable through Ansible as well.
It would…