Implementing CM System for Standard 17960 Discussions
Dive into the implementation of a Configuration Management system for DIS 17960 discussions, exploring options for signing code, ensuring integrity of files, and providing guidance on cryptographic usage. Understand the goals of the standard, including file integrity, code rollback capabilities, and handling of binaries. Examine the feasibility of providing scaled confidence levels for added assurance.
Download Presentation
Please find below an Image/Link to download the presentation.
The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.
You are allowed to download the files provided on this website for personal or commercial use, subject to the condition that they are used lawfully. All files are the property of their respective owners.
The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.
E N D
Presentation Transcript
Some questions/opinions to DIS 17960 Contributed by Tatsuaki Takebe Discussed at WG 23 meeting 31
How to implement? CM system (Configuration Management system) Is it CM system to sign? Or else to sign? Other options: Editing tool automatically signs and keep the signature with the text file. Provide a tool to sign the source code, and ask the editor to create the signature.
What is the goal of the standard. What do you wish to accomplish by 17960? 1. Integrity (of the text file) ? 2. Capability that you can roll back code? 3. What about the binaries? 4. Recommended Crypto Usage guidance for the sign?
Degree of confidence Do you wish to provide confidence levels scaled?
