Date: Sun, 27 Nov 2005 09:57:31 +0100
From: Szilveszter Adam <sziszi@bsd.hu>
To: freebsd-security@freebsd.org
Subject: Re: Reflections on Trusting Trust
Message-ID: <20051127085729.GA947@momo.buza.adamsfamily.xx>
In-Reply-To: <20051126224530.GD27757@cirb503493.alcatel.com.au>
References: <20051126224530.GD27757@cirb503493.alcatel.com.au>

Hello Peter,

On Sun, Nov 27, 2005 at 09:45:30AM +1100, Peter Jeremy wrote:
> Overall, I believe FreeBSD could be improved by:
> - Formulating and promulgating a policy for the protection and use of
>   FreeBSD Project DNS, keys and certificates.  (The public version of
>   the policy does not go into explicit details but should allow an
>   independent observer to verify its adequacy).
> - Creating a FreeBSD Release Engineering key which is used to sign
>   official e-mails from the release engineering team - in particular
>   -RELEASE announcements.
> - Tying all the FreeBSD Project keys together by cross-signing them all.
> - Arranging for a wider range of signatures on FreeBSD Project keys
>   (the SO key's already meets this).
> - Investigate obtaining a X.509 certificate for the FreeBSD Project

Very much seconded. The security advisories web page, for example,
should be available over HTTPS and verifiable by a certificate issued
by a recognized CA. Perhaps the releases page should be the same.

> - Signing ISO images with a Project key and/or certificate in addition
>   to providing MD5 checksums.
> - Investigate providing authenticated protocols for updating FreeBSD.

Also, one should not forget the currently present FTP infrastructure
either. While the content is publicly available, their integrity should
be verifiable. The same goes for ports distfiles: ideally they should be
signed, at least the checksums. The pkg_* tools AFAIK already have sig
checking capability for the binary packages, but somehow this should be
extended to the "build from source" version as well, particularly since
this seems to be the more often used method.

-- 
Regards:

Szilveszter ADAM
Budapest
Hungary