Subject: Re: what's in a name? fingerprinted exec
To: None <tech-security@netbsd.org>
From: Christian Biere <christianbiere@gmx.de>
List: tech-security
Date: 10/15/2002 20:32:33

wrstuden@netbsd.org (Bill Studenmund) wrote:

> On Tue, 15 Oct 2002, Brett Lymn wrote:
> 
> > On Mon, Oct 14, 2002 at 06:10:44PM +0200, Alan Barrett wrote:
> >
> > 1) secure exec
> > 2) trusted exec
> > 3) verified exec

> I think verified exec is best, but it is a mouthful. How about V exec or
> Vexec, where V is for verified? :-)

I think all three variants might imply something wrong. Whether you
verified the exec or not cannot be expressed by the fingerprint. I'd
suggest something like 'frozen exec': with the fingerprint you tell the
system to execute the exec with *this* pathname and *this* hash. Sounds
like a 'code freeze' to me. You might still not trust it and use chroot,
systrace or whatever. IMHO nothing which is far more complex than
helloworld.c will ever be 100% secure; that's why I think 'secure exec'
promises too much.

Just my 0.02 euros,
Christian
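The 'frozen exec' idea above, as an added illustration that is not part of the original mail or of NetBSD's veriexec code: a fingerprint list binds a pathname to a hash, and execution is permitted only when the file at that pathname still hashes to the recorded value. The list format ("pathname algorithm hex-digest") and the sample files are constructed for this example.

```python
import hashlib
import os
import tempfile


def parse_fingerprints(text):
    """Parse a constructed 'pathname algorithm hex-digest' list into a dict."""
    table = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        path, algo, digest = line.split()
        table[path] = (algo, digest.lower())
    return table


def file_digest(path, algo):
    """Hash a file in chunks with the named hashlib algorithm."""
    h = hashlib.new(algo)
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def check_exec(path, table):
    """Decide whether 'path' may be executed under the frozen-exec rule.

    Strict policy: an unlisted pathname is refused; a listed pathname is
    allowed only if its current hash equals the frozen one. A match says
    the file is unchanged, not that its contents are trustworthy."""
    entry = table.get(path)
    if entry is None:
        return False, "not fingerprinted"
    algo, expected = entry
    if file_digest(path, algo) != expected:
        return False, "fingerprint mismatch"
    return True, "fingerprint ok"


def demo():
    """Freeze a constructed script, then modify it and re-check."""
    d = tempfile.mkdtemp()
    good = os.path.join(d, "bin", "hello")
    os.makedirs(os.path.dirname(good))
    with open(good, "wb") as f:
        f.write(b"#!/bin/sh\necho hello\n")
    table = parse_fingerprints(f"{good} sha256 {file_digest(good, 'sha256')}\n")
    before = check_exec(good, table)
    with open(good, "ab") as f:
        f.write(b"echo modified\n")          # content drifts after the freeze
    after = check_exec(good, table)
    unlisted = check_exec(os.path.join(d, "bin", "other"), table)
    return before, after, unlisted
```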
