Stephen Hahn wrote: > 4.11. Security Impact: > > In the current implementation, the protocol is built atop access > to HTTP and/or HTTPS. Accordingly, the server side will > potentially listen on ports associated with those services. > > The server and client side will require access to key and > certificate management interfaces.
I really think signed packages needs to be part of this too. Most (maybe all) of the competition has this capability as does the existing Solaris SVR4 derived pkgadd(1M) system. I know I need to find some time to put together a proposal for how this should be done, but I've been busy trying to finish up zfs-crypto (yeah I know excuses excuses). -- Darren J Moffat _______________________________________________ pkg-discuss mailing list [email protected] http://mail.opensolaris.org/mailman/listinfo/pkg-discuss
