* Valentin Zagura <put...@gmail.com> [2013-09-13 10:15]: > Security itself is not the primary issue here. The issue is to easily prove > an assessor "without reasonable doubt" that you are running the right thing. > They will not worry about governments trying to break in with MITM signed > ssl or about armies breaking in with the tanks. But they would worry about > me not building the image the right way, someone tampering with the image > or leaving the door unlocked at the server room. > Also, they require people to take responsibility for the thing they do (in > this case, CD images).
buy the CD set. it's more than good enough for the PCI DSS theatre (been there). -- Henning Brauer, h...@bsws.de, henn...@openbsd.org BS Web Services GmbH, http://bsws.de, Full-Service ISP Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully Managed Henning Brauer Consulting, http://henningbrauer.com/