On Thu, 14 Jun 2007, Michael Poole wrote:
quoted text
> 
> If the signature is one that serves to indicate origin, to detect
> tampering, or the other things you mentioned, the program's binary is
> useful when separated from the signature.  My objection arises when a
> functionally equivalent binary -- including advertised functions such
> as "runs on platform XYZ" -- cannot be produced from the distributed
> source code.

Ahh.

Ok, that's a totally different issue, and is one where I heartily agree 
with you. I would actually *love* for the GPL (any version) to have a 
"guarantee of authenticity", where if you distribute a binary, there has 
to be some documented way to get *exactly* that binary out of the source 
code that got distributed.

Of course, SHA1's can be used to verify that, although, quite frankly, I'd 
expect that a simple "cmp" would be the more straightforward approach.

So the "verification" can be used both to lock down a particular binary 
_and_ to authenticate that the binary really came from the source code it 
was claimed to come from.

Of course, in practice, it's actually really nasty to do that 
verification. Many compilers actually do things like insert date-stamps in 
the object files etc. So it's probably not all that practical.

			Linus
-
unsubscribe notice
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/