[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Cryptoapi kernel-patch packages for debian

To: David Gümbel <david.guembel@gmx.de>
Subject: Re: Cryptoapi kernel-patch packages for debian
From: Jean-Luc Cooke <jlcooke@certainkey.com>
Date: Sun, 7 Jul 2002 14:35:05 -0400
Cc: Fruhwirth Clemens <clemens-dated-1026383589.b333@endorphin.org>,linux-crypto@nl.linux.org
In-Reply-To: <200207070950.07048@dix.global-thinking.org>; from david.guembel@gmx.de on Sun, Jul 07, 2002 at 09:50:04AM +0200
List-archive: <http://mail.nl.linux.org/linux-crypto/>
List-help: <mailto:listar@nl.linux.org?Subject=help>
List-owner: <mailto:riel@nl.linux.org>
List-post: <mailto:linux-crypto@nl.linux.org>
List-software: Listar version 1.0.0
List-subscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=subscribe>
List-unsubscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=unsubscribe>
Original-Recipient: rfc822;linux-crypto-archive@nl.linux.org
References: <20020706221719.D9604@certainkey.com> <200207070950.07048@dix.global-thinking.org>
Sender: linux-crypto-bounce@nl.linux.org
User-Agent: Mutt/1.2.5.1i

Yes, if you look at the script, there are GPG signature performed.

example:
  http://jlcooke.ca/go?2.4.18/CA | less

Ideally, I'd rather have an SSL tunnel to the script...but that depends on
the server.

JLC

On Sun, Jul 07, 2002 at 09:50:04AM +0200, David Gümbel wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> On Sonntag, 7. Juli 2002 04:17:04, Jean-Luc Cooke wrote:
> >   "make clean; make get_crypto; make menuconfig; make bzImage; make
> > modules;" ^^^^^^^^^^^^^^^
> >                New kernel make command!
> >
> > This command would hold nothing but a few shell commands, one being:
> >   lynx -source http://www.kerneli.org/go?<kernelVersion>/<countryCode> | sh
> 
> I don't really believe that getting a) crypto stuff for b) the kernel by 
> piping unencrypted content into a shell without prior verification could 
> possibly provide additional security. Do you have plans to use digital 
> signatures or something that might guarantee data integrity and verify that 
> the downloaded content is really from the author it is supposed to be?
> 
> 
> 
> 
> Regards,
> 
> 
> 
> David
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.0.7 (GNU/Linux)
> Comment: http://david-guembel.de/webpgp.html
> 
> iD8DBQE9J/KscWkuqYXk/uwRAvqkAKCqyYPoC/IqaTEENrC3dqGU3sqi4wCfUSyC
> pwsk7hOj1zGyy8LYbG0gM1g=
> =GIPP
> -----END PGP SIGNATURE-----

-- 
http://www.certainkey.com
Suite 4560 CTTC
1125 Colonel By Dr.
Ottawa ON, K1S 5B6
C: 613.263.2983
-
Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/

Follow-Ups:
- Re: Cryptoapi kernel-patch packages for debian
  - From: David Gümbel <david.guembel@gmx.de>

References:
- Re: Cryptoapi kernel-patch packages for debian
  - From: Jean-Luc Cooke <jlcooke@certainkey.com>
- Re: Cryptoapi kernel-patch packages for debian
  - From: David Gümbel <david.guembel@gmx.de>

Prev by Date: Re: Cryptoapi kernel-patch packages for debian
Next by Date: Re: Cryptoapi kernel-patch packages for debian
Prev by thread: Re: Cryptoapi kernel-patch packages for debian
Next by thread: Re: Cryptoapi kernel-patch packages for debian
Index(es):
- Date
- Thread