Date: Tue, 5 Apr 2011 06:39:18 +0000
From: Dan Van Pelt <Dan.VanPelt@wwu.edu>
To: Garrett Wollman <wollman@bimajority.org>
Cc: richo <richo@psych0tik.net>, "freebsd-security@freebsd.org" <freebsd-security@freebsd.org>
Subject: Re: SSL is broken on FreeBSD
Message-ID: <C4FD4B4A-C985-4745-A79B-130AB9512370@wwu.edu>
In-Reply-To: <19866.30558.24345.112771@hergotha.csail.mit.edu>
References: <AANLkTin_zZgHRg7QtEwH2V8WOd=nvBcKdYvJkshGCt-R@mail.gmail.com> <1301729856.5812.12.camel@w500.local> <20110404205705.GA52172@server.vk2pj.dyndns.org> <20110404230546.GA25778@richh-desktop.boxdice.com.au>, <19866.30558.24345.112771@hergotha.csail.mit.edu>

On Apr 4, 2011, at 7:39 PM, "Garrett Wollman" <wollman@bimajority.org> wrote:

> <<On Tue, 5 Apr 2011 09:05:47 +1000, richo <richo@psych0tik.net> said:
>
>> On 05/04/11 06:57 +1000, Peter Jeremy wrote:
>>> It has occurred to me that maybe the FreeBSD SO should create a root
>>> cert and distribute that with FreeBSD. That certificate would at
>>> least have the same trust level as FreeBSD.
>>>
>>> --
>>> Peter Jeremy
>
>> But what would that CA trust?
>
> The certificates he also generates for services like freebsd-update
> and portsnap. And probably also a certificate for use in email to the
> security-officer role, so that those benighted people who only have
> access to S/MIME email can still send him private messages. Ideally
> it would also be used to sign the CHECKSUMS files on the FTP site, so
> that the installer could check whether it was talking to an authentic
> mirror site and ask the user what to do.
>

Not ideally, but rather critically, should the CHECKSUMS files be signed with some well guarded and official public key. Not to sound paranoid or anything...

I would welcome having a 'FreeBSD' root certificate ship with the OS but would leave the other certs to the domain of a port that I install when needed. FWIW (and forgive me if this is already the case) it would be nice to have a port equivalent to security/ca_root_nss that would allow the user to select which certs get installed during configuration.

Cheers,
Dan van Pelt

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?C4FD4B4A-C985-4745-A79B-130AB9512370>