Jcat: A New Alternative To Microsoft Catalog Files
Written by Michael Larabel in Free Software on 28 February 2020 at 11:41 AM EST. 7 Comments
FREE SOFTWARE --
Prolific open-source developer Richard Hughes of Red Hat who has been responsible for the creation of PackageKit, the ColorHug colorimeter hardware, GNOME Software, and for the past number of years focused on the Fwupd firmware updating utility and Linux Vendor Firmware Service (LVFS) has a new open-source project.

Brought on by his LVFS development work, Hughes began developing Jcat as a new open-source project providing an alternative to Microsoft Catalog files. Due to Microsoft still not having documented the Catalog file format that hosts security catalog information and with that the inability to reliably generate Catalog files from Linux, Richard Hughes began developing Jcat. Jcat and Microsoft Catalog files are focused on holding arbitrary signatures for external files. This is of importance for LVFS for ensuring BIOS/firmware files are not tampered with and in fact originated from the LVFS platform.

Jcat amounts to being a gzipped JSON file of detached signatures. It's designed to be easy to support in varying languages / platforms and overcomes the issues of Microsoft Catalog files handling. Hughes currently has a work-in-progress branch supporting Jcat files within fwupd and LVFS.

Those wanting to learn more can do so via Richard's blog in announcing the new effort today.
Related News
About The Author
Author picture

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter or contacted via MichaelLarabel.com.

Popular News This Week