Secrecy and user trust
Bruno Wolff III
bruno at wolff.to
Thu Sep 4 16:16:35 UTC 2008
On Thu, Sep 04, 2008 at 09:10:14 -0700,
Aldo Foot <lunixer at gmail.com> wrote:
> On Wed, Sep 3, 2008 at 8:42 PM, Bill Davidsen <davidsen at tmr.com> wrote:
> > Patrick O'Callaghan wrote:
> >
> > The public key really must be distributed in a secure manner.
>
>
> Isn't the point of a Public Key to be publicly distributed?
Yes, but you need to know that you have the correct public key. So while it
doesn't need to be secret, it does need integrity protection.
> The Private Key is what you closely guard against all tampering.
The private key needs to be kept secret. Tampering isn't normally going to
be that big of a deal, since you'll notice and then realize it most likely
isn't secret any more and change the key pair.
More information about the fedora-list
mailing list