Date: Sun, 9 Jul 2006 18:46:48 +1000 From: Peter Jeremy <peterjeremy@optushome.com.au> To: Colin Percival <cperciva@freebsd.org> Cc: FreeBSD Stable <freebsd-stable@freebsd.org> Subject: Re: FreeBSD 6.0->6.1 binary upgrade script Message-ID: <20060709084648.GC719@turion.vk2pj.dyndns.org> In-Reply-To: <44B0B367.1020406@freebsd.org> References: <44B0B367.1020406@freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
--w7PDEPdKQumQfZlR Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sun, 2006-Jul-09 00:42:31 -0700, Colin Percival wrote: > I have written an automatic script >for performing binary FreeBSD 6.0 -> FreeBSD 6.1 upgrades. That sounds useful. Are you intending to provide this for future FreeBSD minor-revision releases? >Naturally, the cryptographic hashes of all the files are verified >against values stored in the script, so as long as you trust the >FreeBSD Security Officer (and if you don't, why are you running >FreeBSD?), the process is entirely secure. But how can I tell that the script came from the FreeBSD Security Officer? You have signed your mail with a key (ID 0xD09347FC) that claims to be a Colin Percival with an Oxford Uni address (whereas this mail has a freebsd.org address) but the key that I downloaded from a PGP keyserver has no other signatures. You don't have a key in the FreeBSD CVS repository that I can locate and I can't find any keys on www.daemonology.net. Basically, I only have your word that you are who you claim to be. (Of course, I still need to be able to trust the FreeBSD CVS repository but if I can't trust that, I can't trust my OS either). If you really are the FreeBSD Security Officer why can't I find copies of your key and FreeBSD SO key (0xCA6CDFB2) that are counter-signed by each other? --=20 Peter Jeremy --w7PDEPdKQumQfZlR Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (FreeBSD) iD8DBQFEsMJ3/opHv/APuIcRAvOdAJ0ZwnMVKJ5RXXKmblnkio0ei52uMQCfSEno nat0bDmI97NSKK170/bBB0c= =1DFq -----END PGP SIGNATURE----- --w7PDEPdKQumQfZlR--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060709084648.GC719>