Date:      Wed, 6 Jun 2012 12:45:48 -0400 (EDT)
From:      Daniel Feenberg <feenberg@nber.org>
To:        "Julian H. Stacey" <jhs@berklix.com>
Cc:        Jerry <jerry@seibercom.net>, Matthew Seaman <matthew@freebsd.org>, FreeBSD <freebsd-questions@freebsd.org>
Subject:   Re: Is this something we (as consumers of FreeBSD) need to be aware of? 
Message-ID:  <Pine.GSO.4.64.1206061241470.15673@nber6>
In-Reply-To: <201206061630.q56GUJj7093472@fire.js.berklix.net>
References:  <201206061630.q56GUJj7093472@fire.js.berklix.net>



On Wed, 6 Jun 2012, Julian H. Stacey wrote:

>> I do wonder about that. What incentive does the possessor of a signing key
>> have to keep it secret?
>
> Contract penalty clause maybe ? Lawyers ?

A limited-liability company with no assets is judgement-proof.

>
> Otherwise one of us would purchase a key for $99, & then publish
> the key so we could all forever more compile & boot our own kernels.
> But that would presumably break the trap Microsoft & Verisign seek
> to impose.
>

Could it really be that simple? As for hardware vendors putting revoked 
keys in the ROM - are they really THAT cooperative? Seems like they would 
drag their feet on ROM updates if they had to add a lot of stuff that 
won't help them, so that doesn't seem like a great enforcement tool.

dan feenberg


