README.md: update
This commit is contained in:
Harald Hoyer
parent
46bf3defea
commit
dfc067af2f
1 changed files with 21 additions and 2 deletions
19
README.md
19
README.md
|
|
@ -2,6 +2,25 @@
|
||||||
|
|
||||||
WIP
|
WIP
|
||||||
|
|
||||||
|
## Goals
|
||||||
|
- secure boot to the login screen
|
||||||
|
- ensured integrity to the login screen
|
||||||
|
- encrypted volatile data
|
||||||
|
- A/B boot switching for updates
|
||||||
|
- Flatpak
|
||||||
|
- basic desktop
|
||||||
|
- optional: bind encrypted data partition to TPM2
|
||||||
|
- optional: frequent reencryption of the data partition
|
||||||
|
|
||||||
|
## Non-Goals
|
||||||
|
- can't secure against someone writing anything to disk
|
||||||
|
- can't secure against someone scraping secret keys from the kernel
|
||||||
|
|
||||||
|
## TODO
|
||||||
|
- merge mkimage.sh and clonedisk
|
||||||
|
- update mechanism
|
||||||
|
- signing tools
|
||||||
|
|
||||||
## Create
|
## Create
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue