Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1752826AbcCHOR3 (ORCPT <rfc822;w@1wt.eu>);
	Tue, 8 Mar 2016 09:17:29 -0500
Received: from lan.nucleusys.com ([92.247.61.126]:35348 "EHLO
	zztop.nucleusys.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org
	with ESMTP id S1750791AbcCHORV (ORCPT
	<rfc822;linux-kernel@vger.kernel.org>);
	Tue, 8 Mar 2016 09:17:21 -0500
Date: Tue, 8 Mar 2016 16:06:23 +0200
From: Petko Manolov <petkan@mip-labs.com>
To: David Howells <dhowells@redhat.com>
Cc: Mimi Zohar <zohar@linux.vnet.ibm.com>,
        linux-security-module@vger.kernel.org, keyrings@vger.kernel.org,
        linux-kernel@vger.kernel.org
Subject: Re: [RFC PATCH 11/12] certs: Add a secondary system keyring that can
 be added to dynamically [ver #2]
Message-ID: <20160308140623.GB2243@p310>
Mail-Followup-To: David Howells <dhowells@redhat.com>,
	Mimi Zohar <zohar@linux.vnet.ibm.com>,
	linux-security-module@vger.kernel.org, keyrings@vger.kernel.org,
	linux-kernel@vger.kernel.org
References: <1457402735.5321.14.camel@linux.vnet.ibm.com>
 <20160304150022.17121.34501.stgit@warthog.procyon.org.uk>
 <20160304150142.17121.56666.stgit@warthog.procyon.org.uk>
 <30699.1457442839@warthog.procyon.org.uk>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <30699.1457442839@warthog.procyon.org.uk>
User-Agent: Mutt/1.5.24 (2015-08-30)
X-Spam-Score: -1.0 (-)
X-Spam-Report: Spam detection software, running on the system "zztop.nucleusys.com",
 has NOT identified this incoming email as spam.  The original
 message has been attached to this so you can view it or label
 similar future email.  If you have any questions, see
 the administrator of that system for details.
 Content preview:  On 16-03-08 13:13:59, David Howells wrote: > Mimi Zohar <zohar@linux.vnet.ibm.com>
    wrote: > > > but we're left with a lot of references to "system_trusted"
   (eg. > > restrict_link_to_system_trusted, depends on SYSTEM_TRUSTED_KEYRING
    > > How about I pluralise it to SYSTEM_TRUSTED_KEYRINGS? The fact that one
    is > called builtin and the other secondary doesn't detract from the fact
    that > they're both system-wide rings of trusted keys. > > Or would you prefer
    .system_trusted_keys and .secondary_trusted_keys? Even > though the second
    is also a "system" trusted keyring. [...] 
 Content analysis details:   (-1.0 points, 5.0 required)
  pts rule name              description
 ---- ---------------------- --------------------------------------------------
 -1.0 ALL_TRUSTED            Passed through trusted hosts only via SMTP
  0.0 TVD_RCVD_IP            Message was received from an IP address
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Length: 643
Lines: 18

On 16-03-08 13:13:59, David Howells wrote:
> Mimi Zohar <zohar@linux.vnet.ibm.com> wrote:
> 
> > but we're left with a lot of references to "system_trusted" (eg.
> > restrict_link_to_system_trusted, depends on SYSTEM_TRUSTED_KEYRING
> 
> How about I pluralise it to SYSTEM_TRUSTED_KEYRINGS?  The fact that one is
> called builtin and the other secondary doesn't detract from the fact that
> they're both system-wide rings of trusted keys.
> 
> Or would you prefer .system_trusted_keys and .secondary_trusted_keys?  Even
> though the second is also a "system" trusted keyring.

Ah, naming things...  This is true science... :-)


cheers,
Petko