On Tue, Aug 12, 2008 at 2:24 AM, Michael Stone <[EMAIL PROTECTED]> wrote: > * What use cases are you trying to support?
Insert a usb stick with content that is OK'd by the regional NOC (network operations centre) for execution/installation on the XS. > * What threats obstruct supporting those use cases? Content could be modified on the way to insert evil sharks with frikking lasers into the XS. > * What trust structure are you trying to create and how does it > mitigate the threats while permitting the use cases? As I've written, we trust keys put in place at install time. Install time is privileged, root user is privileged. > * What algorithms are you going to use and why? Whatever GPG uses for signatures, SHA1 for file integrity because I'd be an idiot to try and be smarter than crypto researchers. > * What security > properties are you trying to check? Signed by the NOC, not changed. > (Perhaps you've already answered some of these basic questions elsewhere > and you simply left out the citation?) I could cite ISBN: 978-0-7645-1679-5 :-) I'll look at JAR signing and olpc-contents. Thanks for the pointers... cheers, m -- [EMAIL PROTECTED] [EMAIL PROTECTED] -- School Server Architect - ask interesting questions - don't get distracted with shiny stuff - working code first - http://wiki.laptop.org/go/User:Martinlanghoff _______________________________________________ Server-devel mailing list Server-devel@lists.laptop.org http://lists.laptop.org/listinfo/server-devel
