On Fri, Jun 13, 2008 at 01:40, C. Scott Ananian <[EMAIL PROTECTED]> wrote:
> On Thu, Jun 12, 2008 at 7:27 PM, Michael Stone <[EMAIL PROTECTED]> wrote:
>> It's sad that we have no good way to specify groups
>> of serial numbers or delegation to an online S/N authority. Can we do
>> any better there?
>
> I agree (this is the thrust of my response to Chema as well), but I
> feel that it is likely out of scope for this release. Again, I don't
> feel like we can rely on an online authority for this release, and the
> offline mechanisms seem too clumsy to work well.
>
> As a strawman: instead of a serial number in the sig02 format, we use
> an md5 hash. This hash must be the exact hash of a separate file
> listing serial numbers, one per line. Now we just have to maintain
> these files, handle the cases where we add a laptop to the file and
> now have to maintain multiple copies, name them, find them on USB
> keys, etc, etc.

By md5, you meant sha-256, right? :)

> I'd prefer to first tackle the problem I've got a good solution for,
> and defer the "arbitrary sets of serial numbers" case until we can't
> do without it.

Morgan
_______________________________________________
Security mailing list
[email protected]
http://lists.laptop.org/listinfo/security
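
The strawman from the quoted message, sketched as an added example that is not part of the original thread or of OLPC's code: the signed field carries a digest of a serial-number list file, and a laptop is accepted only if the file matches that digest and lists its serial. It assumes SHA-256 (as the reply suggests) and a hex digest taken from an already signature-verified field; the function names and serial values are constructed for illustration.

```python
import hashlib
import hmac

def list_digest(list_bytes):
    """SHA-256 over the exact bytes of the serial-number list file."""
    return hashlib.sha256(list_bytes).hexdigest()

def parse_serials(list_bytes):
    """One serial number per line; blank lines are ignored."""
    lines = list_bytes.decode("ascii").splitlines()
    return {ln.strip() for ln in lines if ln.strip()}

def serial_authorized(signed_digest, list_bytes, serial):
    """True only if the list file matches the signed digest AND names this serial.

    signed_digest is assumed to come from an already signature-verified field.
    """
    # Check the digest over the raw bytes before parsing the untrusted file.
    if not hmac.compare_digest(list_digest(list_bytes), signed_digest.lower()):
        return False
    return serial in parse_serials(list_bytes)

# Constructed sample data (not real serial numbers).
LIST_V1 = b"TEST0000001\nTEST0000002\n"
LIST_V2 = LIST_V1 + b"TEST0000003\n"            # a laptop added later
LIST_V1_CRLF = LIST_V1.replace(b"\n", b"\r\n")  # same serials, different bytes
SIGNED_V1 = list_digest(LIST_V1)                # digest bound into the signature

def demo():
    return {
        "listed serial, matching file": serial_authorized(SIGNED_V1, LIST_V1, "TEST0000002"),
        "unlisted serial": serial_authorized(SIGNED_V1, LIST_V1, "TEST0000009"),
        "updated file, old signature": serial_authorized(SIGNED_V1, LIST_V2, "TEST0000003"),
        "re-encoded line endings": serial_authorized(SIGNED_V1, LIST_V1_CRLF, "TEST0000001"),
    }

if __name__ == "__main__":
    for case, ok in demo().items():
        print(f"{case}: {'accept' if ok else 'reject'}")
```

The last two cases are rejected because the digest covers the exact file bytes: adding a laptop or re-saving the file with different line endings requires a fresh signature, which is the file-maintenance burden the message describes.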

