tech-security archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: [ OpenPGP:SDK v0.9 released]

On Sat, Jan 10, 2009 at 02:03:00AM -0500, Thor Lancelot Simon wrote:
> Code signing requires both the definition of a means for associating
> signatures with code (easy, if you're willing to use separate files,
> at which point you basically just have veriexec; hard, otherwise) and
> the definition of sensible policies for making and using code
> signatures in the base system.
> If we had any of those things, we would already have everything we
> needed in the base system by way of nbsvtool.

FYI, the Solaris approach to signed ELF binaries:

-- Lubomir Sedlacik <salo@{NetBSD,Xtrmntr,silcnet}.org>   --

Attachment: pgpAlwrz5EmJP.pgp
Description: PGP signature

Home | Main Index | Thread Index | Old Index