[cgl_specs] Re: [cgl_discussion] Latest draft on security requirements

Makan Pourzandi (LMC) Makan.Pourzandi at ericsson.ca
Fri Nov 15 16:24:00 PST 2002


I believe it's a good remark and I write it down for our to-do list for the final version of the document. As for now, we're mainly at draft stage. Therefore, as the term digital signature verification reflects what we want to do and is generally well understood by people and participants, I propose to keep it for the draft versions and rephrase it for the final version if it is really necessary.

See my comments in the text: 

> -----Original Message-----
> From: Peter Badovinatz [mailto:tabmowzo at us.ibm.com]
> Sent: Wednesday, November 13, 2002 6:53 PM
> To: Stephen Hemminger; Makan Pourzandi (LMC)
> Cc: 'cgl_discussion at osdl.org'; 'cgl_specs at osdl.org'
> Subject: [cgl_specs] Re: [cgl_discussion] Latest draft on security
> requirements
> An interesting point.  But I would like to pare back the 'requirement'
> in a way to be "the necessity of verifying binaries on your system".  A
> digital signature is actually a solution to this.  Note that I can't
> really identify, off-hand, any other solutions.  But we avoid the
> hot-button phrase of 'digital signature' in the requirement.
> I do not want to simply drop this whole subject because of the patent
> issue.  Are there other ways to solve the problem?  Rephrasing, as I
> did, opens up the thought process I hope.

I believe you have a point here; actually, the real requirement is that the binaries have to be verified before loading. However, I'm afraid that if we don't ask explicitly for digital signatures, one could decide that verifying the file permissions of the binary is enough. I like the idea of pushing the requirement a little bit further and asking for digital signatures. Let them find a solution for how to perform the digital signature verification.
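The distinction drawn above, as an added example that is not from this thread or the CGL specification: a loader policy that only inspects mode bits accepts a binary whose contents were replaced, while one that verifies a detached signature over the contents rejects it. Ed25519 over a SHA-256 digest is an assumption made here for illustration; the thread names no algorithm.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Binary is a constructed stand-in for an executable: contents, mode bits, signature.
type Binary struct {
	Content []byte
	Mode    uint32 // e.g. 0o755
	Sig     []byte
}

// permissionOnlyCheck is the weak reading of the requirement: it accepts any
// binary whose mode bits look sane and never examines the contents.
func permissionOnlyCheck(b Binary) error {
	if b.Mode&0o022 != 0 { // group- or world-writable
		return errors.New("binary is group/world writable")
	}
	return nil
}

// signBinary is the build-time step: sign a digest of the contents.
func signBinary(priv ed25519.PrivateKey, content []byte) []byte {
	digest := sha256.Sum256(content)
	return ed25519.Sign(priv, digest[:])
}

// signatureCheck is the stronger reading: the loader recomputes the digest
// and refuses anything that does not verify under the trusted public key.
func signatureCheck(pub ed25519.PublicKey, b Binary) error {
	digest := sha256.Sum256(b.Content)
	if !ed25519.Verify(pub, digest[:], b.Sig) {
		return errors.New("signature verification failed")
	}
	return nil
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	good := Binary{Content: []byte("constructed sample binary"), Mode: 0o755}
	good.Sig = signBinary(priv, good.Content)
	modified := good // same mode bits and old signature, contents replaced
	modified.Content = []byte("constructed replaced binary")
	fmt.Println(permissionOnlyCheck(modified), signatureCheck(pub, modified))
}
```

Running it prints `<nil>` for the permission-only check and a verification error for the signature check on the same replaced file.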

