Date:      Tue, 06 Feb 2001 10:09:03 -0700
From:      Wes Peters <wes@softweyr.com>
To:        Garrett Wollman <wollman@khavrinen.lcs.mit.edu>
Cc:        freebsd-security@FreeBSD.ORG, freebsd-ports@FreeBSD.ORG
Subject:   Re: Package integrity check?
Message-ID:  <3A802FAF.792F61F5@softweyr.com>
References:  <20010205210459.A2479@acc.umu.se> <3A7F9AB6.5CAA983B@softweyr.com> <200102061526.KAA31832@khavrinen.lcs.mit.edu>

Garrett Wollman wrote:
> 
> <<On Mon, 05 Feb 2001 23:33:26 -0700, Wes Peters <wes@softweyr.com> said:
> 
> > We could discuss some of the sensible things people asked for and
> > add them after the fact.
> 
> We also need to be very clear about what it means for a package to be
> signed -- particularly in light of laws in the US and elsewhere giving
> legal status to digital signatures.  If there's one good thing to be
> said about X.509, there's a lot of ways to stick signed blobs of text
> into those certificates....

That's pretty much at the discretion of the parties signing and verifying
the packages.  One of the signatures is a simple SHA1 crypto checksum, 
that implies little other than you got what the package creator put 
together to a fair degree of certainty.

Everyone reading this thread should note that the signature exists ONLY
in the gzip header for a .tgz package; no attempt is made to sign the
files extracted onto the system or anything like that.  It is the package that
is signed, not the application.  OTOH, the idea of signed executables
intrigues me...

-- 
            "Where am I, and what am I doing in this handbasket?"

Wes Peters                                                         Softweyr LLC
wes@softweyr.com                                           http://softweyr.com/
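
An added illustration of the point above that the signature lives in the gzip header and covers the package rather than the extracted files; it is not code from the original message or from the FreeBSD package tools. The `Sg` subfield ID, the choice to hash the compressed body plus trailer, and all function names are assumptions made for this example; only the gzip header layout (RFC 1952) is taken as given.

```python
import hashlib, hmac, struct, zlib

FEXTRA, FHCRC, FNAME, FCOMMENT = 0x04, 0x02, 0x08, 0x10  # RFC 1952 flag bits
SIG_ID = b"Sg"  # assumed subfield ID for this example, not a registered one

def build_signed(payload: bytes) -> bytes:
    """Constructed sample: gzip member with SHA-1 of its own body in FEXTRA."""
    c = zlib.compressobj(9, zlib.DEFLATED, -15)          # raw deflate stream
    body = c.compress(payload) + c.flush()
    body += struct.pack("<II", zlib.crc32(payload), len(payload) & 0xFFFFFFFF)
    digest = hashlib.sha1(body).digest()
    extra = SIG_ID + struct.pack("<H", len(digest)) + digest
    head = b"\x1f\x8b\x08" + bytes([FEXTRA]) + b"\0" * 5 + b"\xff"
    return head + struct.pack("<H", len(extra)) + extra + body

def split_header(blob: bytes):
    """Return (FEXTRA subfields, offset of the compressed body)."""
    if len(blob) < 10 or blob[:3] != b"\x1f\x8b\x08":
        raise ValueError("not a deflate gzip member")
    flags, pos, fields = blob[3], 10, {}
    if flags & FEXTRA:
        (xlen,) = struct.unpack_from("<H", blob, pos)
        pos, end = pos + 2, pos + 2 + xlen
        if end > len(blob):
            raise ValueError("truncated extra field")
        while pos + 4 <= end:                            # SI1 SI2 LEN data
            (n,) = struct.unpack_from("<H", blob, pos + 2)
            if pos + 4 + n > end:
                raise ValueError("subfield overruns extra field")
            fields[blob[pos:pos + 2]] = blob[pos + 4:pos + 4 + n]
            pos += 4 + n
        pos = end
    for bit in (FNAME, FCOMMENT):                        # NUL-terminated strings
        if flags & bit:
            pos = blob.index(b"\0", pos) + 1
    return fields, pos + (2 if flags & FHCRC else 0)

def verify(blob: bytes) -> bool:
    """True only if the header digest matches the compressed body."""
    fields, start = split_header(blob)
    want = fields.get(SIG_ID)
    got = hashlib.sha1(blob[start:]).digest()
    return want is not None and hmac.compare_digest(want, got)

def strip_signature(blob: bytes) -> bytes:
    """Same archive with the flags cleared and every optional header field dropped."""
    return b"\x1f\x8b\x08\x00" + blob[4:10] + blob[split_header(blob)[1]:]
```

Decompressing the output of `strip_signature` yields the same bytes as decompressing the signed package, so nothing extracted onto the system records whether the header check was ever performed.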

