On 22/12/15 16:17, Paul Wouters wrote: > On Tue, 22 Dec 2015, Stephen Farrell wrote: > >> When/if this WG do get to address binary transparency, >> which I hope we do, then this [1] could be a nice case >> study in how that could be useful to the world. > > Unfortunately, Juniper released these images themselves as valid signed > images. So they would all just get a pass from any transparency system.
Right, but in the presence of a binary transparency system, (that involved publishing the binary as well), injecting attack code would presumably be a less attractive attack as that could be spotted by the unwashed public as a result. Cheers, S. > > Paul > > _______________________________________________ > Trans mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/trans > _______________________________________________ Trans mailing list [email protected] https://www.ietf.org/mailman/listinfo/trans
