From owner-freebsd-security Thu Feb 4 07:54:45 1999 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id HAA04983 for freebsd-security-outgoing; Thu, 4 Feb 1999 07:54:45 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from khavrinen.lcs.mit.edu (khavrinen.lcs.mit.edu [18.24.4.193]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id HAA04977 for ; Thu, 4 Feb 1999 07:54:43 -0800 (PST) (envelope-from wollman@khavrinen.lcs.mit.edu) Received: (from wollman@localhost) by khavrinen.lcs.mit.edu (8.9.1/8.9.1) id KAA16479; Thu, 4 Feb 1999 10:54:40 -0500 (EST) (envelope-from wollman) Date: Thu, 4 Feb 1999 10:54:40 -0500 (EST) From: Garrett Wollman Message-Id: <199902041554.KAA16479@khavrinen.lcs.mit.edu> To: James Wyatt Cc: freebsd-security@FreeBSD.ORG Subject: Signatures on installation media (was: Re: tcpdump) In-Reply-To: References: <199902040830.TAA13906@cheops.anu.edu.au> Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org < said: > The crypto-sigs on the ROM would be better than TripWire sigs on a floppy > for the standard executables. For packages, would you have a list w/the > pkg and a sig for the lists? The CD-ROM already has MD5 digests for every file which can be installed (except X). There's not much point in signing something, since the verification key would have to be distributed on the same medium. You'll just have to trust your CD-ROM vendor. -GAWollman -- Garrett A. Wollman | O Siem / We are all family / O Siem / We're all the same wollman@lcs.mit.edu | O Siem / The fires of freedom Opinions not those of| Dance in the burning flame MIT, LCS, CRS, or NSA| - Susan Aglukark and Chad Irschick To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message