When reading secure boot, one question came up: why is it necessary to verify a chain of certificates?
Found an answer from msdn:
In order to perform a code signing operation, both private key and signer identification information must be supplied. The digital certificate used in the signature usually supplies the signer identification information, however. Thus, the private key must be supplied through some other means. Additionally, the signature must include the certificate chain for the cryptographic service provider (CSP), up to a root certificate trusted by the user, in order for the signed file to be authenticated. So in all, there are several items that need to be provided in order to generate a digital signature.
7/24 9pm: 游泳62 lengths at 4S LAfitness.
7/26: stayed indoor in the mornig: not good.
played racket ball 1.5 hours at noon.
7/27: 5pm
游泳80 lengths at 4S LAfitness.
No comments:
Post a Comment