From owner-freebsd-security Thu Jan 13 13:59:29 2000 Delivered-To: freebsd-security@freebsd.org Received: from apollo.backplane.com (apollo.backplane.com [216.240.41.2]) by hub.freebsd.org (Postfix) with ESMTP id EF8DD14F56; Thu, 13 Jan 2000 13:59:27 -0800 (PST) (envelope-from dillon@apollo.backplane.com) Received: (from dillon@localhost) by apollo.backplane.com (8.9.3/8.9.1) id NAA86433; Thu, 13 Jan 2000 13:59:07 -0800 (PST) (envelope-from dillon) Date: Thu, 13 Jan 2000 13:59:07 -0800 (PST) From: Matthew Dillon Message-Id: <200001132159.NAA86433@apollo.backplane.com> To: "Rodney W. Grimes" Cc: jkh@zippy.cdrom.com (Jordan K. Hubbard), markm@FreeBSD.ORG, security@FreeBSD.ORG Subject: Re: We need to do an audit of our "crypto", both current and planned. References: <200001132119.NAA33623@gndrsh.dnsmgr.net> Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org What I would recommend is that you create a URL to a CGI on freefall which generates hotlinks to the various major sections. Does our web-cvs archive allow us to retrieve things by tag? If so then the solution is trivial. We simply have the CGI list the available releases as hotlinks, and go from there. The accessor can then click on the release he is interested in and then click on the various crypto hotlinks that extract the appropriate relase from the CVS tree. Alternatively you can just have a URL that points into the current source tree (e.g. to the top level 'src' and 'crypto' directories). If the government complains you can always change it to be more specific later on. I really doubt the government will care. Certainly nothing drastic will happen if all the information is there but not specifically hotlinked (i.e. accessor must delve through the source tree, but the location of the major crypto stuff is obvious). -Matt To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message