On Mon, Sep 24, 2007 at 12:35:54AM +0200, Joachim Schipper wrote: > On Sun, Sep 23, 2007 at 10:54:06PM +0100, Rui Miguel Silva Seabra wrote: > > Remember: OpenBSD still doesn't have a digitally signed code distribution, > > and in some places that means it can't enter! Stupid, I know, but not too > > stupid for the "blame game" rules, which sort of ignore the "secure by > > design" initiatives. > > Sure it does, just pull from CVS over SSH and compile your own. Only > requires trusting one download, ever, and that can be verified by > downloading from n servers from m distinct network locations, and > verifying that the checksums match. > > I do get what you are hinting at, but it's not an insurmountable issue.
It depends on the rules. If they say it must be digitally signed... one may be SOL :| -- Wibble. Today is Sweetmorn, the 47th day of Bureaucracy in the YOLD 3173 + No matter how much you do, you never do enough -- unknown + Whatever you do will be insignificant, | but it is very important that you do it -- Gandhi + So let's do it...?