Darren Reed wrote:
On 11/09/09 02:09 PM, Shawn Walker wrote:
Darren Reed wrote:
On 11/09/09 12:37 PM, Shawn Walker wrote:
Nicolas Williams wrote:
Bottom-line: by designing without security in mind, you're likely to
screw up in ways that require that you go back to the drawing board.
Spending a little more time gathering requirements and thinking about
these related problems will reduce the likelihood that you'll have to
re-design later.
No, the bottom line is that the security aspects do not have to be a
part of the core, high-level concepts involved with a publisher,
repository, stream, etc. They are an addition to, not a requirement
of, those models.
It is severely premature to attempt to even begin to worry about
key/cert signing, etc. before an agreement on the very basic
high-level concepts used has been achieved. Please stop banging the
security drum or making wild accusations about being ignored. The
feedback requested here is not security-related; when we're ready
for that, the advice will be greatly appreciated.
To do security well requires that it be part of the initial, core,
design, not tacked on later. Thus it needs to be reviewed with the
other core components.
If you don't do it that way, then the chances of getting the security
right are greatly diminished.
I'll just have to agree to disagree. Again, we're talking about such
high level concepts that keys and certs don't even enter into the
picture IMO.
Shawn, don't you think it is odd that there are multiple people who
agree with something that you disagree about? Don't you being to suspect
No; look who was our last president (joking).
that there's a slight chance that they might be agreeing with each other
for a very good reason? And that perhaps the reason they agree is
actually worth paying attention to?
Not when they continue to ignore my requests to defer security-related
issues until later. I'm well aware that you want to have a
security-related discussion surrounding publishers; I don't. I'm sorry
if that offends you, but I'm just not interested. Can we please let
this useless sub-thread die now?
Cheers,
--
Shawn Walker
_______________________________________________
pkg-discuss mailing list
[email protected]
http://mail.opensolaris.org/mailman/listinfo/pkg-discuss
