In some email I received from Michael Richardson, sie wrote:
> {Darren, you are sending to tcpdump-workers-owner, from the SMTP
> envelope. I think my MTA is canonicalizing something in a way I don't
> want it to. It isn't the lists' fault}
Thanks, fixed my alias.
> >>>>> "Darren" == Darren Reed <[EMAIL PROTECTED]> writes:
> >> Are we worrying about corruption of the packets between the
> >> kernel and the userspace application? Or what? Yes, the PCI bus
> >> is now among the more error-prone (relatively speaking) parts of
> >> the system. So, unless the hash is computing my the MAC/PHY, I
> >> don't see a point in this.
>
> Darren> I suppose, ideally, the kernel would digitally sign the
> Darren> captured packet.
>
> Prooving what? that you aren't being lied to? By whom?
> What is the thread model for this? What does having the kernel digital
> sign stuff gain you? Who would lie to you in such a way that they
> couldn't also have the kernel lie to you?
It's not about lieing so much as data integrity within the
computer/application and being able to trust that to a very
high level.
> Darren> The question I want to be able to answer is: "how do I know
> Darren> what's in the program's capture buffer represents what was
> Darren> received by the computer from the network with any degree of
> Darren> reliability?"
>
> Reliability implies bit-errors somewhere, not malicious attacks.
Or programming errors :) But malicious attack is not a concern.
Darren
-
This is the tcpdump-workers list.
Visit https://lists.sandelman.ca/ to unsubscribe.
