From: mgream@acacia.itd.uts.edu.au (Matthew Gream)
Date: Mon, 30 Aug 93 00:46:20 PDT
To: honey@citi.umich.edu (peter honeyman)
Subject: Re: Source Code NOT available for ViaCrypt PGP
In-Reply-To: <9308272032.AA17050@toad.com>
Message-ID: <9308300745.AA22452@acacia.itd.uts.EDU.AU>
MIME-Version: 1.0
Content-Type: text/plain


In a previous life, peter honeyman said ...

| i disagree.  who will guarantee that viacrypt ships binaries based on
| the validated code?

Have your appropriately trusted person watch the code compiled in
front of him, and take a signature of the completed binary. Although,
this becomes somewhat of a nightmare, as 'Mr Trusted' will need to 
oversee all 'release' compilations, and spend time beforehand going
over code to verify everything. This signature could be signed by
'Mr Trusted' and included with the distribution, including s/ware
to allow the 'pleb' user ensure they match.

Matthew.
-- 
Matthew Gream,, M.Gream@uts.edu.au -- Consent Technologies, 02-821-2043.