In some email I received from Michael Richardson, sie wrote:Prooving what? that you aren't being lied to? By whom? What is the thread model for this? What does having the kernel digital sign stuff gain you? Who would lie to you in such a way that they couldn't also have the kernel lie to you?
It's not about lieing so much as data integrity within the computer/application and being able to trust that to a very high level.
Darren,
I'm still trying to understand an attack or failure scenario where having the kernel MD5 the packet is any more reliable than having userland do it. Can you describe such a scenario?
-- Jefferson Ogata <[EMAIL PROTECTED]> NOAA Computer Incident Response Team (N-CIRT) <[EMAIL PROTECTED]>
- This is the tcpdump-workers list. Visit https://lists.sandelman.ca/ to unsubscribe.
