Digital signatures
Authored by: calroth on Jul 09, '02 05:44:21AM

I reformatted my hard drive over the weekend, and had to install a lot of patches to bring myself up to date. So, I was thinking, why doesn't Apple provide capability for digital signatures and use them for its updates? Basically, don't trust the Internet for transport, but trust digital signatures to make sure what you're installing isn't a hacked version of sshd...

As mentioned, getting Apple's public key to the masses could be difficult. It really should have been bundled in with Mac OS X in the first place. Or could be bundled with Jaguar. Of course, you'd have to check the fingerprint or blindly trust that nobody's substituted Apple's public key with their own... but then, how many people have checked the fingerprints on the root CA certificates in their web browser?

An easy way to implement all this is to allow digital signatures in Disk Copy, and simply distribute all Software Update updates as disk images (mounting them automatically). There have already been tips today about how disk images allow encryption via AES and how to do MD5 hashing... Apple should implement authentication as well.


