On Fri, Sep 13, 2013 at 11:13:36AM +0300, Valentin Zagura wrote: > Security itself is not the primary issue here. The issue is to easily prove > an assessor "without reasonable doubt" that you are running the right thing. > They will not worry about governments trying to break in with MITM signed > ssl or about armies breaking in with the tanks. But they would worry about > me not building the image the right way, someone tampering with the image > or leaving the door unlocked at the server room. > Also, they require people to take responsibility for the thing they do (in > this case, CD images).
"easily prove" and "without reasonable doubt" clash. To say the least. The entire thread has shown that all proposed courses of action, most of which are "easy to use" rather than "easy to implement", do not remove any more "reasonable doubt" than the current arrangements. Unless one is a professor of metaphysico-theologo-cosmonigology like Dr. Pangloss. Which, I concede, many a "security assessor" may be. At least as far as "reasonable doubt" is understood by the OpenBSD community. And what other understanding can we apply? .... Ken
