Closed petertodd closed 8 years ago
I thought we covered this somewhere but I don't see anything specifically prescribed. At the very least, I think something about this could fit easily into how we define a Trusted Environment, as required by aspect 1.4.2, but I'm not against a more detailed inclusion in the standard either.
The second aspect within CCSS, "Key/Seed Generation Methodology", prescribes integrity checks for L2 and L3 systems. https://cryptoconsortium.github.io/CCSS/Matrix/
Specific details are here: https://cryptoconsortium.github.io/CCSS/Details/#1.01 Take a look at the prescriptions for L2.
I think those should cover your suggestion, @petertodd, but if you can either make it clearer or stronger, please don't hesitate to submit a pull.
We need to make clear that software must be authenticated and audited correctly, PGP being the standard in this industry.
Is this covered by ISO/IEC 27001? Chances are most people haven't read that standard, so even if it is, the warning may be diminished.
For instance, recently in my review of the Ripple consensus, I found that there was no way to actually get the Ripple codebase without trusting GitHub, as no signatures on anything were provided. Similarly, Bitcoin XT has this issue. Not only is this a security concern, but an accountability concern as well - if a backdoor was found, who put it there?