From owner-freebsd-security Tue Jan 11 11:51:42 2000
Date: Tue, 11 Jan 2000 11:51:40 -0800 (PST)
From: Kris Kennaway
To: Stephen McKay
Cc: freebsd-security@freebsd.org
Subject: Re: cvs commit: src/usr.sbin/ctm/ctm ctm.1 src/usr.sbin/ctm/ctm_rmail ctm_rmail.1
In-Reply-To: <200001111218.WAA31198@nymph.detir.qld.gov.au>

On Tue, 11 Jan 2000, Stephen McKay wrote:

> But you are correct from a theoretical viewpoint; an attack *could* be
> made on the current email distributed ctm system. So, I am motivated
> to work on a cryptographic signature enhancement. Otherwise, what is
> the point of distributing a program with a manual that advises everyone
> not to use it?!

I agree: this was something I planned to work on in the near future. The
solution is actually very simple, it just requires a bit of infrastructure
to get there. Now that we have OpenSSL in the base system (well, it's still
coming for US folks because of untidiness in the code I have to clean up),
we need to get a FreeBSD certificate authority of some sort set up, and the
CTM administrator would (have the generator) sign each delta with a DSA
key, the public half of which is distributed to the clients.

> Also, if the delta format changes, it would be a good time to introduce other
> changes, like detecting when files move from foo/bar.c to foo/Attic/bar.c
> and thus further reducing delta sizes.

It would certainly be better to make these changes at the same time.

Kris
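
The signing scheme proposed in the message above, as an added example (not code from the thread or from ctm): the generator signs each delta with a DSA private key, and a client checks the detached signature against the distributed public key before applying anything. The function names, file names, `.sig` suffix and the choice of SHA-256 are assumptions, and the delta is a constructed stand-in.

```shell
#!/bin/sh
# Added illustration: detached DSA signature over a CTM delta via the openssl CLI.
# Function names, file names and the .sig suffix are assumptions, not part of ctm.

# Generator side: DSA parameters, private key, and the public half for clients.
make_signer_key() {  # $1 = directory for key material
    openssl genpkey -genparam -algorithm DSA \
        -pkeyopt dsa_paramgen_bits:2048 -out "$1/params.pem" 2>/dev/null &&
    openssl genpkey -paramfile "$1/params.pem" -out "$1/ctm-sign.key" 2>/dev/null &&
    openssl pkey -in "$1/ctm-sign.key" -pubout -out "$1/ctm-sign.pub"
}

# Generator side: sign the delta exactly as it will be shipped.
sign_delta() {  # $1 = private key, $2 = delta file
    openssl dgst -sha256 -sign "$1" -out "$2.sig" "$2"
}

# Client side: succeed only if a signature exists and matches the delta.
verify_delta() {  # $1 = public key, $2 = delta file
    [ -s "$2.sig" ] || return 1
    openssl dgst -sha256 -verify "$1" -signature "$2.sig" "$2" >/dev/null 2>&1
}

work=$(mktemp -d)
trap 'rm -rf "$work"' EXIT

# Constructed stand-in for a delta; a real one would be the generator's output.
delta="$work/src-cur.0001.gz"
printf 'constructed stand-in for a CTM delta\n' > "$delta"

make_signer_key "$work"
sign_delta "$work/ctm-sign.key" "$delta"

if verify_delta "$work/ctm-sign.pub" "$delta"; then
    echo "signature ok: delta may be handed to ctm"
fi

# A delta altered after signing must be refused, even with its original signature.
tampered="$work/tampered.gz"
cp "$delta" "$tampered"
cp "$delta.sig" "$tampered.sig"
printf 'x' >> "$tampered"

if ! verify_delta "$work/ctm-sign.pub" "$tampered"; then
    echo "signature mismatch: delta rejected"
fi
```

The check only helps if the client refuses unsigned deltas as well, which is why `verify_delta` fails when the `.sig` file is missing or empty.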