Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 5 Jan 2009 22:58:39 -0900
From:      Mel <fbsd.questions@rachie.is-a-geek.net>
To:        freebsd-questions@freebsd.org
Subject:   Re: Foiling MITM attacks on source and ports trees
Message-ID:  <200901052258.39785.fbsd.questions@rachie.is-a-geek.net>
In-Reply-To: <495F5DD7.2070302@infracaninophile.co.uk>
References:  <20090102164412.GA1258@phenom.cordula.ws> <20090103013825.18910bf5@gumby.homeunix.com> <495F5DD7.2070302@infracaninophile.co.uk>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help
On Saturday 03 January 2009 03:45:11 Matthew Seaman wrote:

> [*] Buying a high security cert from the likes of Verisign or OpenSRS wou=
ld
> set you back about =A3800 p.a. and it would probably be necessary to use
> someone like the FreeBSD Foundation as an appropriate body to own the cer=
t.

<OT>
I would actually trust a self-signed cert by the FreeBSD security officer,=
=20
more then one by Verisign. Power hungry companies like Verisign are more=20
succeptable to corruption then the entity I want to have or already a=20
relationship with in the first place.
</OT>
=2D-=20
Mel

Problem with today's modular software: they start with the modules
    and never get to the software part.



Want to link to this message? Use this URL: <http://docs.FreeBSD.org/cgi/mid.cgi?200901052258.39785.fbsd.questions>