Subject: Re: requesting proposals -- change detection
Date: Mon, 28 Jun 1999 11:07:51 -0400

> If you are after something else, please define what...

Apologies for the vagueness -- I'm figuring this out as I go.

I *think* that what I want is two things:

1. A robust means for detecting changes to source files.  A simple association
of the form

     (file identifier [name], version, MD5 sum)

   probably suffices.

2. A robust means for detecting changes to the *binary*.

What I want is a tool that can be run in court that will say whether the system
being used is in fact the system for which I accepted liability as provider.
One approach would be to MD5 the entire kernel.

The problem is that I really only want to detect "unauthorized" changes, where
"unauthorized" is as defined by the contract.  For example, I probably want the
user to be able to reproduce the build using the same tool chain, and I also
probably want them to be able to say things like "I don't need SCSI support;
take that out."

I don't really need to trust the user to read me the answer from the tool for
legal purposes, though it's helpful for support.  The test I really care about
will get applied in court under conditions where the proper execution of the
tool is verified by third parties.

Jonathan S. Shapiro, Ph. D.
IBM T.J. Watson Research Center
Phone: +1 914 784 7085  (Tieline: 863)
Fax: +1 914 784 7595