[OmniOS-discuss] Trust and OmniOS installs

Ben Summers ben at fluffy.co.uk
Wed May 8 09:50:23 EDT 2013


Hello,

I'm rebuilding our infrastructure based on OmniOS, migrating away from Solaris 10. It's great to have a modern and minimal Solarish OS for which you can buy a support contract. (And that vendor not be Oracle.)

We do have one slight problem in our environment, that we have to trust the network to be able to use the OmniTI repos since they're served over plain HTTP.

Obviously we have to trust our OS vendor, but I suspect the requirement to trust the network would cause problems with audits from our customers. And besides, we're a security focused company offering a "secure" service, so I like to do things properly.

Unless OmniTI are kind enough enable https on pkg.omniti.com, is there a way to minimise the number of third parties we are trusting?

Could we create a mirror somehow over our relatively trusted network in the colo? Or would a simple https proxy work?

Many thanks for any suggestions,

Ben



--
http://bens.me.uk



More information about the OmniOS-discuss mailing list