1 |
Mike, |
2 |
|
3 |
By chance are you ready to submit a cryptoswap-0.03.ebuild? |
4 |
|
5 |
On Sat, 2003-09-13 at 08:02, mike@××××.org wrote: |
6 |
> Your method for supporting encrypted root partitions looks pretty good. Here |
7 |
> are some comments: |
8 |
> |
9 |
> First, I think it is key that the creation of this system is automated and |
10 |
> included in the Gentoo installation process. |
11 |
> |
12 |
> Good: |
13 |
> |
14 |
> o your idea of not trusting the boot process is great! |
15 |
> o your documentation is pretty strong, including kernel configuration |
16 |
> |
17 |
> Potential room for improvement: |
18 |
> |
19 |
> o perhaps we can think of a better boot process trust protocol? |
20 |
> o why not use romfs instead of minixfs? Is minixfs smaller? |
21 |
> o why can't usb and crypto be modules, loaded by linuxrc? (this is kind of |
22 |
> picky) |
23 |
> o why use GPG when a symetric system will do? |
24 |
> o no PPC -- but perhaps I can help, as you mentioned |
25 |
> |
26 |
> So, great work overall! I am considering whether I should continue to work |
27 |
> on my system or begin contributing to yours. Perhaps two competing systems |
28 |
> would encourage innovation... |
29 |
> |
30 |
> By the way, my system is available at |
31 |
> http://www.flyn.org/projects/cryptoswap/index.html. |
32 |
> |
33 |
> -- |
34 |
> Mike |
35 |
> |
36 |
> -- |
37 |
> gentoo-hardened@g.o mailing list |
38 |
-- |
39 |
RSA key ID 2BC75196 http://keyserver.net |
40 |
Gentoo Linux Developer (Hardened) http://dev.gentoo.org/~solar |