List Archive: gentoo-security
Note: Due to technical difficulties, the Archives are currently not up to date.
provides an alternative service for most mailing lists.c.f. bug 424647
> I've been chewing on this idea for a while and am hoping someone on
list may help me with a concern.
> The notion is that big company B will distribute CDs to employees to
for remotely accessing things like mail, corporate Intranet,
> etc. The
disk contains two bootable images. One is "normal" and
> is the first to
load. The second squashed image is encrypted in a
> manner that the first
image can decrypt.
> The first image loads, connects to Corp B and authenticates the
At that point the key to decrypt the second image is provided
> and the
computer chroots to the second image. This environment is
trusted and access is provided into Corp B.
Because the CD provided to all the users is encrypted with the same key, and
that this key is not session based, replay attacks are possible.
> This seems fairly straightforward but then why isn't anyone doing
already? What haven't I considered?
> It's easy to use the word encryption but is much harder to make it
Any recommendations on projects I should look at that may be
for this purpose?
> Jeff Gercken <mailto:jeffg@...>
> 502-292-4838 office
> 502-292-5238 fax
> <http://www.kizan.com/> www.kizan.com <http://www.kizan.com/>
firstname.lastname@example.org mailing list