README.md: update
This commit is contained in:
Harald Hoyer
parent
46bf3defea
commit
dfc067af2f
19
README.md
19
README.md
|
|
@ -2,6 +2,25 @@
|
|||
|
||||
WIP
|
||||
|
||||
## Goals
|
||||
- secure boot to the login screen
|
||||
- ensured integrity to the login screen
|
||||
- encrypted volatile data
|
||||
- A/B boot switching for updates
|
||||
- Flatpak
|
||||
- basic desktop
|
||||
- optional: bind encrypted data partition to TPM2
|
||||
- optional: frequent reencryption of the data partition
|
||||
|
||||
## Non-Goals
|
||||
- can't secure against someone writing anything to disk
|
||||
- can't secure against someone scraping secret keys from the kernel
|
||||
|
||||
## TODO
|
||||
- merge mkimage.sh and clonedisk
|
||||
- update mechanism
|
||||
- signing tools
|
||||
|
||||
## Create
|
||||
|
||||
```bash
|
||||
|
|
|
|||
Loading…
Reference in a new issue