Reflections on Trusting Trust
Wesley Shields
wxs at csh.rit.edu
Sun Nov 27 21:02:14 GMT 2005
On Sun, Nov 27, 2005 at 09:57:31AM +0100, Szilveszter Adam wrote:
> Hello Peter,
>
> On Sun, Nov 27, 2005 at 09:45:30AM +1100, Peter Jeremy wrote:
> > - Signing ISO images with a Project key and/or certificate in addition
> > to providing MD5 checksums.
> > - Investigate providing authenticated protocols for updating FreeBSD.
>
> Also, one should not forget the currently present FTP infrastructure
> either. While the content is publicly available, their integrity should
> be verifiable. The same goes for ports distfiles: ideally the should be
> signed, at least the checksums. The pkg_* tools AFAIK already have sig
> checking capability for
> the binary packages, but somehow this should be extended to the "build
> from source" version as well, particularly since this seems to be the
> more often used method.
Ports distfiles are recorded with MD5 (and SHA256 now that it's in the
base of 6.x, though it can be added via a port to other versions)
signatures. I'm not entirely sure of the pkg_* tools doing signature
verification but it would be nice to have.
-- WXS
More information about the freebsd-security
mailing list