Date: Sun, 27 Nov 2005 16:02:36 -0500
From: Wesley Shields <wxs@csh.rit.edu>
To: Szilveszter Adam <sziszi@bsd.hu>, freebsd-security@freebsd.org
Subject: Re: Reflections on Trusting Trust
Message-ID: <20051127210236.GA28643@csh.rit.edu>
In-Reply-To: <20051127085729.GA947@momo.buza.adamsfamily.xx>
References: <20051126224530.GD27757@cirb503493.alcatel.com.au> <20051127085729.GA947@momo.buza.adamsfamily.xx>

On Sun, Nov 27, 2005 at 09:57:31AM +0100, Szilveszter Adam wrote:
> Hello Peter,
>
> On Sun, Nov 27, 2005 at 09:45:30AM +1100, Peter Jeremy wrote:
> > - Signing ISO images with a Project key and/or certificate in addition
> >   to providing MD5 checksums.
> > - Investigate providing authenticated protocols for updating FreeBSD.
>
> Also, one should not forget the currently present FTP infrastructure
> either. While the content is publicly available, their integrity should
> be verifiable. The same goes for ports distfiles: ideally they should be
> signed, at least the checksums. The pkg_* tools AFAIK already have sig
> checking capability for the binary packages, but somehow this should be
> extended to the "build from source" version as well, particularly since
> this seems to be the more often used method.

Ports distfiles are recorded with MD5 (and SHA256 now that it's in the
base of 6.x, though it can be added via a port to other versions)
signatures. I'm not entirely sure of the pkg_* tools doing signature
verification but it would be nice to have.

-- WXS
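
The following is an added example, not part of the original message or of FreeBSD's own tooling: a checker for distfile checksum records of the kind discussed above, which requires the SHA256 entry and does not accept an MD5-only record. It assumes BSD-style `ALGO (file) = value` lines including a SIZE entry; the file name and contents are constructed. A match only shows the file agrees with the record, so the record itself still needs an authenticated source.

```python
import hashlib
import re
import tempfile

# BSD-style checksum line (assumed format), e.g. "SHA256 (foo-1.0.tar.gz) = <hex>"
LINE_RE = re.compile(r"^(MD5|SHA256|SIZE) \((.+)\) = (\S+)$")

def parse_distinfo(text):
    """Return {filename: {"MD5": hex, "SHA256": hex, "SIZE": "n"}}."""
    entries = {}
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            algo, name, value = m.groups()
            entries.setdefault(name, {})[algo] = value.lower()
    return entries

def verify_distfile(path, recorded):
    """Check one file against its recorded values; return (ok, reason)."""
    if "SHA256" not in recorded:
        # MD5 alone is not collision resistant, so it is not accepted here.
        return False, "no SHA256 recorded"
    with open(path, "rb") as fh:
        data = fh.read()
    if "SIZE" in recorded and str(len(data)) != recorded["SIZE"]:
        return False, "size mismatch"
    if hashlib.sha256(data).hexdigest() != recorded["SHA256"]:
        return False, "SHA256 mismatch"
    return True, "ok"

def demo():
    """Constructed sample: a good distfile, then a same-size tampered copy."""
    good = b"constructed distfile contents\n"
    distinfo = (
        "SHA256 (example-1.0.tar.gz) = %s\n"
        "SIZE (example-1.0.tar.gz) = %d\n"
    ) % (hashlib.sha256(good).hexdigest(), len(good))
    recorded = parse_distinfo(distinfo)["example-1.0.tar.gz"]
    results = []
    with tempfile.TemporaryDirectory() as tmp:
        path = tmp + "/example-1.0.tar.gz"
        for content in (good, good.replace(b"contents", b"c0ntents")):
            with open(path, "wb") as fh:
                fh.write(content)
            results.append(verify_distfile(path, recorded))
    return results

if __name__ == "__main__":
    print(demo())
```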