Is this something we (as consumers of FreeBSD) need to be aware of?

Daniel Feenberg feenberg at
Wed Jun 6 16:52:25 UTC 2012

On Wed, 6 Jun 2012, Julian H. Stacey wrote:

>> I do wonder about that. What incentive does the possessor of a signing key
>> have to keep it secret?
> Contract penalty clause maybe? Lawyers?

A limited-liability company with no assets is judgement-proof.

> Otherwise one of us would purchase a key for $99, & then publish
> the key so we could all forever more compile & boot our own kernels.
> But that would presumably break the trap Microsoft & Verisign seek
> to impose.

Could it really be that simple? As for hardware vendors putting revoked 
keys in the ROM - are they really THAT cooperative? Seems like they would 
drag their feet on ROM updates if they had to add a lot of stuff that 
won't help them, so that doesn't seem like a great enforcement tool.

dan feenberg

