On 11/09/09 03:01 PM, Shawn Walker wrote:
Darren Reed wrote:
On 11/09/09 02:09 PM, Shawn Walker wrote:
Darren Reed wrote:
On 11/09/09 12:37 PM, Shawn Walker wrote:
Nicolas Williams wrote:
Bottom-line: by designing without security in mind, you're likely to
screw up in ways that require that you go back to the drawing board.
Spending a little more time gathering requirements and thinking
about
these related problems will reduce the likelihood that you'll
have to
re-design later.
No, the bottom line is that the security aspects do not have to be
a part of the core, high-level concepts involved with a publisher,
repository, stream, etc. They are an addition to, not a
requirement of, those models.
It is severely premature to attempt to even begin to worry about
key/cert signing, etc. before an agreement on the very basic
high-level concepts used has been achieved. Please stop banging
the security drum or making wild accusations about being ignored.
The feedback requested here is not security-related; when we're
ready for that, the advice will be greatly appreciated.
To do security well requires that it be part of the initial, core,
design, not tacked on later. Thus it needs to be reviewed with the
other core components.
If you don't do it that way, then the chances of getting the
security right are greatly diminished.
I'll just have to agree to disagree. Again, we're talking about
such high level concepts that keys and certs don't even enter into
the picture IMO.
Shawn, don't you think it is odd that there are multiple people who
agree with something that you disagree about? Don't you being to suspect
No; look who was our last president (joking).
that there's a slight chance that they might be agreeing with each
other for a very good reason? And that perhaps the reason they agree
is actually worth paying attention to?
Not when they continue to ignore my requests to defer security-related
issues until later. I'm well aware that you want to have a
security-related discussion surrounding publishers; I don't. I'm
sorry if that offends you, but I'm just not interested. Can we please
let this useless sub-thread die now?
Or perhaps you should consider dealing with the security bits first and
placate the loud voices, so that you can move on to the other things
with that tucked away under your belt.
Darren
_______________________________________________
pkg-discuss mailing list
[email protected]
http://mail.opensolaris.org/mailman/listinfo/pkg-discuss
