Re: signed binary pkgs [was: Re: BPG call for use cases]

From: Todd Vierling (tv@duh.org)
Date: Mon Jul 25 2005 - 11:17:45 CDT


On Mon, 25 Jul 2005, Curt Sampson wrote:

> It's a PITA for users. Do we really want to stick users with the baggage
> of having to deal with two files, and the attendant risk of mismatching
> the two or losing one, if we gain no security benefit from it?

I would much rather see an embedded signature. This is e.g. how signed Java
archives work.

I'm aware that the detached compression of individual files in the Zip
format used by JARs makes it easier to do verification before files are
extracted. Even in that case, though, ahead-of-time verification still
requires decompressing all the data, as would be required by a stream-based
compression like gzip.

If a package signature were placed as the first entry in the tarball, it
should be possible using a tar library (do we do this yet?) to verify while
extracting, and simply stop dead and nuke any extracted files if an
unverifiable entry is encountered in the stream.

--
-- Todd Vierling <tv@duh.org> <tv@pobox.com> <toddvierling.name>
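The verify-while-extracting scheme described in the message above, as an added example in Python (not code from the thread, from pkgsrc, or from Todd): the first tar entry carries a signed manifest of per-file sizes and SHA-256 digests, each later entry is hashed as it streams past and compared against the manifest, and any surprise (wrong first entry, bad signature, unknown or duplicate entry, digest mismatch, missing entry, path escaping the destination) stops extraction and removes every file already written. Everything beyond the mail's wording is an assumption: the entry name "+SIGNATURE", the JSON manifest layout, and an HMAC-SHA256 standing in for a real public-key signature such as OpenPGP or Ed25519.

```python
"""Stream-verify a tarball whose first entry is a signed manifest (added example)."""
import hashlib
import hmac
import io
import json
import os
import tarfile
import tempfile

SIG_ENTRY = "+SIGNATURE"   # hypothetical name for the leading signature entry
CHUNK = 64 * 1024


def _sign(manifest_bytes, key):
    # Stand-in for a public-key signature over the manifest; a real packager
    # would use a detached OpenPGP or Ed25519 signature here instead of HMAC.
    return hmac.new(key, manifest_bytes, hashlib.sha256).hexdigest()


def build_signed_tar(files, key):
    """Return an uncompressed tar (bytes): signed manifest first, then files."""
    manifest = {p: {"size": len(d), "sha256": hashlib.sha256(d).hexdigest()}
                for p, d in files.items()}
    mbytes = json.dumps(manifest, sort_keys=True).encode()
    sig = json.dumps({"manifest": mbytes.decode(), "sig": _sign(mbytes, key)}).encode()
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        for name, data in [(SIG_ENTRY, sig)] + list(files.items()):
            info = tarfile.TarInfo(name)
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))
    return buf.getvalue()


def verify_and_extract(tar_bytes, dest, key):
    """Extract into dest while verifying each entry as it streams past.

    Returns the paths written. On any failure every file already written is
    removed and ValueError is raised, so a half-verified package never stays.
    """
    root = os.path.realpath(dest)
    written = []
    try:
        # "r|*" reads the archive as a forward-only stream (gzip/bz2 decoded
        # on the fly), so no data is decompressed ahead of the entry under check.
        with tarfile.open(fileobj=io.BytesIO(tar_bytes), mode="r|*") as tar:
            first = tar.next()
            if first is None or first.name != SIG_ENTRY or not first.isfile():
                raise ValueError("first entry is not the package signature")
            payload = json.loads(tar.extractfile(first).read())
            mbytes = payload["manifest"].encode()
            if not hmac.compare_digest(_sign(mbytes, key), payload["sig"]):
                raise ValueError("manifest signature does not verify")
            pending = json.loads(mbytes)          # entries still expected
            while (member := tar.next()) is not None:
                want = pending.pop(member.name, None)   # None: unknown or duplicate
                if want is None or not member.isfile() or member.size != want["size"]:
                    raise ValueError("unexpected entry %r" % member.name)
                target = os.path.realpath(os.path.join(root, member.name))
                if os.path.commonpath([root, target]) != root:
                    raise ValueError("entry %r escapes %s" % (member.name, root))
                os.makedirs(os.path.dirname(target), exist_ok=True)
                digest = hashlib.sha256()
                src = tar.extractfile(member)
                with open(target, "wb") as out:
                    written.append(target)
                    for chunk in iter(lambda: src.read(CHUNK), b""):
                        digest.update(chunk)      # hash while writing, one pass
                        out.write(chunk)
                if digest.hexdigest() != want["sha256"]:
                    raise ValueError("digest mismatch for %r" % member.name)
            if pending:
                raise ValueError("entries missing: %s" % sorted(pending))
    except (ValueError, KeyError, TypeError, tarfile.TarError) as exc:
        for path in written:                      # stop dead and nuke
            try:
                os.unlink(path)
            except FileNotFoundError:
                pass
        raise ValueError("package rejected: %s" % exc) from None
    return written


def demo():
    """Good package extracts; a tampered copy is rejected and leaves no files."""
    key = b"demo-signing-key"                     # constructed sample key
    files = {"bin/hello": b"hello world\n", "share/doc/README": b"documentation\n"}
    good = build_signed_tar(files, key)
    bad = good.replace(b"documentation", b"d0cumentation")   # corrupt the last file
    with tempfile.TemporaryDirectory() as d:
        ok = verify_and_extract(good, os.path.join(d, "good"), key)
        try:
            verify_and_extract(bad, os.path.join(d, "bad"), key)
            why = None
        except ValueError as exc:
            why = str(exc)
        left = [f for _, _, fs in os.walk(os.path.join(d, "bad")) for f in fs]
    return len(ok), why, left


if __name__ == "__main__":
    print(demo())
```

Signing a manifest of digests rather than the raw concatenated archive is what makes the check streamable: the signature is verified once at the front, and each entry is then checked against a digest the signature already covers, so a tampered entry in the middle of a large package is caught and rolled back without the rest of the archive ever being decompressed. Note that the rollback removes files only; empty directories created along the way are left behind.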