Re: [Etherboot-developers] Prism II (wireless) drivers
Brought to you by:
marty_connor,
stefanhajnoczi
Menu
▾
▴
Re: [Etherboot-developers] Prism II (wireless) drivers
|
From: <ebi...@ln...> - 2002-04-10 16:43:13
|
Michael Brown <mb...@fe...> writes: > On 9 Apr 2002, Eric W. Biederman wrote: > > There is some work in progress to place an MD5 signature on bootable > > images. With the spoofabilty of network links somehow that sounds > > like a desire feature. > > Thoughts? > > How would the workstation learn what the correct MD5 signature should be? > Could be sent by the DHCP server but that wouldn't help if the attacker > had his own DHCP server. O.k. The base idea is like a checksum. You have the bytes to compute it over and the checksum so you can verify the two. Beyond that I believe the MD5 hash was encrypted, in which case the node would have an encryption key it would use to decrypt the hash before verification. Possibly doing the whole public/private key pair thing. I am only roughly familiar with the idea. The people doing this are part of a small university project on trusted, booting. If this looks interesting/useful I'll try to drag them into the discussion. Eric |
