Date: Tue, 11 Jan 2000 11:51:40 -0800 (PST) From: Kris Kennaway <kris@hub.freebsd.org> To: Stephen McKay <syssgm@detir.qld.gov.au> Cc: freebsd-security@freebsd.org Subject: Re: cvs commit: src/usr.sbin/ctm/ctm ctm.1 src/usr.sbin/ctm/ctm_rmail ctm_rmail.1 Message-ID: <Pine.BSF.4.21.0001111148150.95142-100000@hub.freebsd.org> In-Reply-To: <200001111218.WAA31198@nymph.detir.qld.gov.au>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 11 Jan 2000, Stephen McKay wrote: > But you are correct from a theoretical viewpoint; an attack *could* be > made on the current email distributed ctm system. So, I am motivated > to work on a cryptographic signature enhancement. Otherwise, what is > the point of distributing a program with a manual that advises everyone > not to use it?! I agree: this was something I planned to work on in the near future. The solution is actually very simple, it just requires a bit of infrastructure to get there. Now that we have OpenSSL in the base system (well, it's still coming for US folks because of untidiness in the code I have to clean up), we need to get a FreeBSD certificate authority of some sort set up, and the CTM administrator would (have the generator) sign each delta with a DSA key, the public half of which is distributed to the clients. > Also, if the delta format changes, it would be a good time to introduce other > changes, like detecting when files move from foo/bar.c to foo/Attic/bar.c > and thus further reducing delta sizes. It would certainly be better to make these changes at the same time. Kris To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0001111148150.95142-100000>