[1295] in Kerberos
Re: Integrity of MIT source
daemon@ATHENA.MIT.EDU (Theodore Ts'o)
Fri Mar 8 12:51:42 1991
Date: Fri, 8 Mar 91 12:20:04 -0500
From: tytso@ATHENA.MIT.EDU (Theodore Ts'o)
To: pato@apollo.com
Cc: jrc@snow-white.Lanl.GOV, kerberos@ATHENA.MIT.EDU
In-Reply-To: Joe Pato's message of Fri, 8 Mar 91 11:40:30 EST,
Reply-To: tytso@ATHENA.MIT.EDU
From: pato@apollo.com (Joe Pato)
Date: Fri, 8 Mar 91 11:40:30 EST
It may be true that a vendor does not release the source code to
Kerberos - but then again the vendor probably also does not release
the source code to the OS or to the login program or any other
component of the trusted computing base.
True; but then again, one of the reasons why I asked for a VS 3100 on my
desk instead of a Decstation is that we run BSD 4.3 on Vax
architectures, and we run Ultrix 3.1 on the Decstations. I currently
have sources to what I run, and I consider this to be a huge win. I
would assert that in a perfect world, everyone should have the option of
perusing the TCB if they so choose.
- Ted
