Daemon News Ezine | BSD News | BSD Mall | BSD Support Forum | BSD Advocacy | BSD Updates |
On 2003.03.08 22:34:37 +0000, Colin Percival wrote: > My code cryptographically signs the updates; they can then be > distributed by whatever means is convenient (http, ftp, shortwave radio > broadcast...) although since the client code uses fetch(1) that imposes > some restrictions. Doing things this way, in addition to eliminating > spoofing attacks, also makes it possible for the severely paranoid to > perform all secure operations on a system which is physically disconnected > from the Internet (and copy the update files to a webserver via sneakernet). Ok, looking forward to seeing your next version. -- Simon L. Nielsen
Attachment:
pgpyky7wPRvYu.pgp
Description: PGP signature