From owner-freebsd-questions@FreeBSD.ORG Thu Jun 7 07:40:41 2012 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id B00E01065673 for ; Thu, 7 Jun 2012 07:40:41 +0000 (UTC) (envelope-from ml@my.gd) Received: from mail-wg0-f50.google.com (mail-wg0-f50.google.com [74.125.82.50]) by mx1.freebsd.org (Postfix) with ESMTP id 356398FC0C for ; Thu, 7 Jun 2012 07:40:40 +0000 (UTC) Received: by wgbds11 with SMTP id ds11so247380wgb.31 for ; Thu, 07 Jun 2012 00:40:40 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=references:in-reply-to:mime-version:content-transfer-encoding :content-type:message-id:cc:x-mailer:from:subject:date:to :x-gm-message-state; bh=X6dyQIh6/6Q2wFwWJtiw1OtAAcv1JJ4YsU45pp7O608=; b=LwdArsOSMwWpt240+cOVKhIxnU2OpZApmofpU9ypeT8HFXYpsyY2jpm2WNJOAhi/QN m70Fc/HCIWJpvCb2DKxW5dfJCzL5HAulZEYyoN0+AzzQ8ecYW2LCsbP8ScvcCRqZmgH5 63Ml7WeVV4ZRLigvJojo3iRYWidQPQZL0i7YMuy5DkaZBtzxD9FccfdWUjjmpoN0c6Ms kHStxIg7r9SU2/LWfCgux8/MaN+nmv2td38TVI8pTXqlmopB9d4fsL7ltsyhu6oeyJYl cjQH9GsoHl0cBMwbXyEfNUI+33pXQrBQ0Lra7TDhJJPQBN7YNT2JJJtoiqNKw8qhecI+ 1PZA== Received: by 10.216.193.162 with SMTP id k34mr159554wen.54.1339054840079; Thu, 07 Jun 2012 00:40:40 -0700 (PDT) Received: from [10.99.161.69] ([92.90.16.33]) by mx.google.com with ESMTPS id d10sm8388324wiy.3.2012.06.07.00.40.37 (version=TLSv1/SSLv3 cipher=OTHER); Thu, 07 Jun 2012 00:40:39 -0700 (PDT) References: <201206062354.q56NsMAA037016@mail.r-bonomi.com> In-Reply-To: <201206062354.q56NsMAA037016@mail.r-bonomi.com> Mime-Version: 1.0 (1.0) Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=us-ascii Message-Id: <7957D8B9-6317-43DB-9D9D-A12BE7AF494C@my.gd> X-Mailer: iPhone Mail (9A405) From: Damien Fleuriot Date: Thu, 7 Jun 2012 09:40:27 +0200 To: Robert Bonomi X-Gm-Message-State: ALoCoQl4Rgi0U4ryC/H4DpY7lwnMxD00HiNM2jhZF+IqylEH0VncZCF3MGhzs44s+dNvO3ACGn5X Cc: "freebsd-questions@freebsd.org" Subject: Re: Is this something we (as consumers of FreeBSD) need to be aware of? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 07 Jun 2012 07:40:41 -0000 On 7 Jun 2012, at 01:54, Robert Bonomi wrote: >> =46rom owner-freebsd-questions@freebsd.org Wed Jun 6 18:13:09 2012 >> Date: Thu, 07 Jun 2012 00:09:54 +0100 >> From: Bruce Cran >> To: Robert Bonomi >> Cc: freebsd-questions@freebsd.org >> Subject: Re: Is this something we (as consumers of FreeBSD) need to be aw= are >> of? >>=20 >> On 06/06/2012 20:27, Robert Bonomi wrote: >>> Suppose I put up a web app that takes an executable as input, signs it=20= >>> with my key, and returns the signed filt to the submitter. I don't=20 >>> divulge the key to anyone, just use it on 'anything'. Anybody=20 >>> attempting to revoke on _that_ basis is asking for a lawsuit. >>=20 >> To me it would be perfectly reasonable to revoke the key as soon as you=20= >> signed the first piece of malware. >=20 > It may seem reasonable to you, but is there -legal- basis to do so?=20 >=20 > 'signing' only provides assurance of the identity of the signer. I did > sign it. The key has not been compromised. The software in question=20 > is tracable to the signer, but the signer never claimed it was 'error free= ', > what conract or statute did they breach by doing the signing? =20 >=20 Signing anything and everything defeats the purpose the key and this whole c= harade are implemented for. Under the contract's undoubtedly carefully penned clauses, this would allow f= or a key revocation. Make no mistake, they'll go over that contract for several weeks, giving the= mselves as much manoeuvring room as possible.=