Secrecy and user trust
Aldo Foot
lunixer at gmail.com
Thu Sep 4 16:10:14 UTC 2008
On Wed, Sep 3, 2008 at 8:42 PM, Bill Davidsen <davidsen at tmr.com> wrote:
> Patrick O'Callaghan wrote:
>>
>> On Wed, 2008-09-03 at 10:30 -0400, Bill Davidsen wrote:
>>>
>>> hardest of all find a secure way to provide the public part of the
>>> signing key
>>
>> The whole point about asymmetric encryption is that you don't need a
>> secure distribution channel. The worst that can happen is that some fake
>> public key gets distributed, which won't match the private key and hence
>> will be instantly detectable.
>>
> NAK - if a fake public key were distributed then packages signed with the
> fake key would be matched, allowing full access to install crap in your
> machine. And packages signed with any valid redhat key would be rejected.
>
> The public key really must be distributed in a secure manner.
Isn't the point of a Public Key to be publicly distributed?
The Private Key is what you closely guard against all tampering.
~af
More information about the fedora-list
mailing list