Mike Sensney wrote:
> I may be missing something, but I think Mark was thinking about some sort
> of public/private key signature of the whole package, not the contents.

Interesting, but what's the point?

> My thought is encrypt the package using a private key. That eliminates the
> need for a signature file.
>
> package.lrp + private key --> encrypt --> package.crp
> package.crp + public key --> decrypt --> package.lrp

It doesn't eliminate the need for a signature file at all. The method
you suggest does basically only two things:

* verifies that the downloaded package is intact
* verifies that the creator of the package is the expected creator

My method (not at all incompatible, really!) does the following:

* verifies that the FILES are intact - which could expose system
  compromises
* "tracks" changes made to a package during operation

My method also has the benefit of a small binary; a public key
encryption system such as PGP requires a lot more space, as well as the
input of a key. If you are booting the system, this may or may not be
problematical; if the system is to be self-booting, then it is a BIG
problem - the system will wait until someone comes to give the key.

Interesting idea, anyway.... hmm...

PS: I trust this is *NOT* HTML-encoded... I hope...
_______________________________________________
Leaf-devel mailing list
http://lists.sourceforge.net/lists/listinfo/leaf-devel
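
Added example, not part of the original message and not LEAF project code: a Python sketch of the difference the reply draws between checking the package as a whole and checking its files. The function names, file names and the use of SHA-256 are assumptions, the sample package is constructed, and a plain digest stands in for the public-key signature check.

```python
import hashlib
import io
import tarfile

# Constructed sample contents standing in for a package.lrp
SHIPPED = {"etc/inetd.conf": b"# services\n", "etc/hosts.allow": b"ALL: LOCAL\n"}

def build_package(files):
    """Pack files into an in-memory .tar.gz (the 'package')."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        for name, data in sorted(files.items()):
            info = tarfile.TarInfo(name)
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))
    return buf.getvalue()

def unpack(blob):
    """Return {path: bytes} for every regular file in the package."""
    with tarfile.open(fileobj=io.BytesIO(blob), mode="r:gz") as tar:
        return {m.name: tar.extractfile(m).read() for m in tar.getmembers() if m.isfile()}

def package_intact(blob, expected_digest):
    """Whole-package check: is the archive the one that was published?
    A real signature scheme would authenticate this digest with the creator's key."""
    return hashlib.sha256(blob).hexdigest() == expected_digest

def file_manifest(files):
    """Per-file check data: one digest per path."""
    return {name: hashlib.sha256(data).hexdigest() for name, data in files.items()}

def compare(manifest, files):
    """Return (modified, missing, added) paths relative to the recorded manifest."""
    current = file_manifest(files)
    modified = sorted(p for p in manifest if p in current and current[p] != manifest[p])
    missing = sorted(p for p in manifest if p not in current)
    added = sorted(p for p in current if p not in manifest)
    return modified, missing, added

def demo():
    blob = build_package(SHIPPED)
    digest = hashlib.sha256(blob).hexdigest()
    manifest = file_manifest(unpack(blob))
    running = unpack(blob)                          # files as installed
    running["etc/inetd.conf"] += b"# constructed edit\n"   # changed during operation
    running["sbin/extra"] = b"\x7fELF"              # file that was never shipped
    # The stored archive still verifies; only the per-file check sees the changes.
    return package_intact(blob, digest), compare(manifest, running)

if __name__ == "__main__":
    print(demo())
```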