From owner-freebsd-chat@FreeBSD.ORG  Sat Jun 21 13:49:52 2003
Return-Path: <owner-freebsd-chat@FreeBSD.ORG>
Delivered-To: freebsd-chat@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 6DC9037B401
	for <chat@freebsd.org>; Sat, 21 Jun 2003 13:49:52 -0700 (PDT)
Received: from mta06-svc.ntlworld.com (mta06-svc.ntlworld.com [62.253.162.46])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 0975743FAF
	for <chat@freebsd.org>; Sat, 21 Jun 2003 13:49:51 -0700 (PDT)
	(envelope-from colin.percival@wadham.ox.ac.uk)
Received: from piii600.wadham.ox.ac.uk ([81.103.196.4])
	by mta06-svc.ntlworld.comESMTP
	<20030621204949.JTGV16215.mta06-svc.ntlworld.com@piii600.wadham.ox.ac.uk>;
	Sat, 21 Jun 2003 21:49:49 +0100
Message-Id: <5.0.2.1.1.20030621214547.02caec40@popserver.sfu.ca>
X-Sender: cperciva@popserver.sfu.ca
X-Mailer: QUALCOMM Windows Eudora Version 5.0.2
Date: Sat, 21 Jun 2003 21:49:45 +0100
To: Matthew West <mwest@uct.ac.za>
From: Colin Percival <colin.percival@wadham.ox.ac.uk>
In-Reply-To: <20030621204357.GA60681@ucthpx.uct.ac.za>
References: <5.0.2.1.1.20030621193449.02c91ce8@popserver.sfu.ca>
 <5.0.2.1.1.20030621175853.02c92e00@popserver.sfu.ca>
 <20030621163835.GA18653@tulip.epweb.co.za>
 <5.0.2.1.1.20030621175853.02c92e00@popserver.sfu.ca>
 <5.0.2.1.1.20030621193449.02c91ce8@popserver.sfu.ca>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format=flowed
cc: chat@freebsd.org
Subject: Re: Cryptographically enabled ports tree.
X-BeenThere: freebsd-chat@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Non technical items related to the community
	<freebsd-chat.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-chat>,
	<mailto:freebsd-chat-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-chat>
List-Post: <mailto:freebsd-chat@freebsd.org>
List-Help: <mailto:freebsd-chat-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-chat>,
	<mailto:freebsd-chat-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 21 Jun 2003 20:49:52 -0000

At 22:43 21/06/2003 +0200, Matthew West wrote:
>On Sat, Jun 21, 2003 at 07:38:38PM +0100, Colin Percival wrote:
> > The only secure distribution,
> > AFAIK, is the ISO image, because the MD5 sum of that is announced in a
> > (signed) release announcement.
>
>Which is why it's a good idea to purchase the "official" FreeBSD CD set
>and use that to do your installation, or even just mount it on your local
>FTP server.

   Err... did you read what I wrote?  There's no need to purchase the CDs; 
the MD5 hash of the ISO image is securely published, so you can safely 
download the ISO image and burn your own CDs.
   Of course, there are other reasons to purchase the CDs, but security 
isn't one of them.

Colin Percival