Date: Sun, 9 Mar 2003 14:19:21 +0100 From: "Simon L. Nielsen" <simon@nitro.dk> To: Colin Percival <colin.percival@wadham.ox.ac.uk> Cc: freebsd-binup@FreeBSD.ORG Subject: Re: binup project Message-ID: <20030309131919.GF379@nitro.dk> In-Reply-To: <5.0.2.1.1.20030308222612.033d0e90@popserver.sfu.ca> References: <5.0.2.1.1.20030307134749.01d80ba8@popserver.sfu.ca> <200303061459.00436.michael@zend.com> <200303061459.00436.michael@zend.com> <5.0.2.1.1.20030307134749.01d80ba8@popserver.sfu.ca> <5.0.2.1.1.20030308222612.033d0e90@popserver.sfu.ca>
next in thread | previous in thread | raw e-mail | index | archive | help
--NzB8fVQJ5HfG6fxh Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On 2003.03.08 22:34:37 +0000, Colin Percival wrote: > My code cryptographically signs the updates; they can then be=20 > distributed by whatever means is convenient (http, ftp, shortwave radio= =20 > broadcast...) although since the client code uses fetch(1) that imposes= =20 > some restrictions. Doing things this way, in addition to eliminating=20 > spoofing attacks, also makes it possible for the severely paranoid to=20 > perform all secure operations on a system which is physically disconnecte= d=20 > from the Internet (and copy the update files to a webserver via sneakerne= t). Ok, looking forward to seeing your next version. --=20 Simon L. Nielsen --NzB8fVQJ5HfG6fxh Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (FreeBSD) iD8DBQE+az9X8kocFXgPTRwRAmlDAKCVQY8ywdGF/xhNpgDPim7P0txG4ACfWd+o tMmL8UR7CdyawAP2+bLnGhk= =ekkU -----END PGP SIGNATURE----- --NzB8fVQJ5HfG6fxh-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-binup" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030309131919.GF379>