Subject: Re: RelCache (aka ELF prebinding) news
To: Bang Jun-Young <junyoung@netbsd.org>
From: Jonathan Stone <jonathan@DSG.Stanford.EDU>
List: tech-userlevel
Date: 12/03/2002 14:46:52
.... I hate to blow my own trumpet here, but I do have some expertise,
(even some professional reputation), in this area.


I'd really appreciate it if someone could take the time to explain
just what the application-level goal is, here: what uses this
``signature'' is expected to be put to, and what threats
(non-malicious errors during data transmission? Malicious modification
and recomputation of a matching CRCs?) the application is, or is not,
expected to protect against.

I'm afraid I've lost track of that, amongst all the heat and noise.

If we can refocus on what's really wanted, on what threats are inside
the scope of the problem and which are outside, then it'd be
relatively straightforward for a number of the regulars here to
recommend an appropriate algorithm.  And even to explain why other
algorithms aren't quite so appropriate.  

So... what *are* we trying to accomplish?