Reflections on Trusting Trust

Wesley Shields wxs at csh.rit.edu
Sun Nov 27 21:02:14 GMT 2005


On Sun, Nov 27, 2005 at 09:57:31AM +0100, Szilveszter Adam wrote:
> Hello Peter,
> 
> On Sun, Nov 27, 2005 at 09:45:30AM +1100, Peter Jeremy wrote:
> > - Signing ISO images with a Project key and/or certificate in addition
> >   to providing MD5 checksums.
> > - Investigate providing authenticated protocols for updating FreeBSD.
> 
> Also, one should not forget the currently present FTP infrastructure
> either. While the content is publicly available, their integrity should
> be verifiable. The same goes for ports distfiles: ideally they should be
> signed, at least the checksums. The pkg_* tools AFAIK already have sig
> checking capability for the binary packages, but somehow this should be
> extended to the "build from source" version as well, particularly since
> this seems to be the more often used method.

Ports distfiles are recorded with MD5 (and SHA256 now that it's in the
base of 6.x, though it can be added via a port to other versions)
signatures.  I'm not entirely sure of the pkg_* tools doing signature
verification but it would be nice to have.

-- WXS

