Date: Sun, 9 Mar 2003 14:19:21 +0100 From: "Simon L. Nielsen" <simon@nitro.dk> To: Colin Percival <colin.percival@wadham.ox.ac.uk> Cc: freebsd-binup@FreeBSD.ORG Subject: Re: binup project Message-ID: <20030309131919.GF379@nitro.dk> In-Reply-To: <5.0.2.1.1.20030308222612.033d0e90@popserver.sfu.ca> References: <5.0.2.1.1.20030307134749.01d80ba8@popserver.sfu.ca> <200303061459.00436.michael@zend.com> <200303061459.00436.michael@zend.com> <5.0.2.1.1.20030307134749.01d80ba8@popserver.sfu.ca> <5.0.2.1.1.20030308222612.033d0e90@popserver.sfu.ca>
index | next in thread | previous in thread | raw e-mail
[-- Attachment #1 --] On 2003.03.08 22:34:37 +0000, Colin Percival wrote: > My code cryptographically signs the updates; they can then be > distributed by whatever means is convenient (http, ftp, shortwave radio > broadcast...) although since the client code uses fetch(1) that imposes > some restrictions. Doing things this way, in addition to eliminating > spoofing attacks, also makes it possible for the severely paranoid to > perform all secure operations on a system which is physically disconnected > from the Internet (and copy the update files to a webserver via sneakernet). Ok, looking forward to seeing your next version. -- Simon L. Nielsen [-- Attachment #2 --] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (FreeBSD) iD8DBQE+az9X8kocFXgPTRwRAmlDAKCVQY8ywdGF/xhNpgDPim7P0txG4ACfWd+o tMmL8UR7CdyawAP2+bLnGhk= =ekkU -----END PGP SIGNATURE-----home | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030309131919.GF379>