SergiiDmytruk

> [...] or maybe using a library that's more suitable for constrained environments (some seem to provide OpenSSL-compatible interface), but that might be unfeasible [...] I wanted to revert switch...

Instead of booting an OS rebased EDK rebooted like this on Z790-P DDR5 ``` Memory Previous Current Next Type Pages Pages Pages ====== ======== ======== ======== 09 00000008 00000014 00000019...

> I wonder if it may be missing something that we need. We need to run some tests to find out. Tried enabling SecureBoot, found a related rebase issue, but...

OK, fix for enrolling dbx default needs to be done in reverse now: drop time based payload header for dbx instead of adding the header to everything else. With it,...

> Hi all, I am upstreaming the missing features for CryptoPkgMbedTls. Hi. Thanks for that. I can see PRs are closed and commits merged (https://github.com/tianocore/edk2/commit/08281572aab5b1f7e05bf26de4148af19eddc8b7 and parents). Because of some...

Used OpenSSL-less version in https://github.com/Dasharo/edk2/pull/129/commits/766b5a9292f276588c6cd4141d0e1a6b61bc1c9f. Also https://github.com/Dasharo/edk2/pull/129/commits/bd05440cf1c04003a06098b238af9822bb20ec27 could be of interest as it fixes some LTO warnings produced by the build.

No Jira task for this, or is it part of some task named differently? Update: I found it.

coreboot PR (`capsule.sh` update): https://github.com/Dasharo/coreboot/pull/552 docs PR: https://github.com/Dasharo/docs/pull/885

@krystian-hebel > outlining the process of signing binaries without the use of a private key Signing isn't possible without a private key. https://docs.dasharo.com/projects/capsule-updates/ says: > The milestone includes creating a...

Docs PR: https://github.com/Dasharo/docs/pull/881 coreboot PR (script): https://github.com/Dasharo/coreboot/pull/549