Secrecy and user trust
Ed Greshko
Ed.Greshko at greshko.com
Fri Sep 5 16:43:46 UTC 2008
Bill Davidsen wrote:
> Ed Greshko wrote:
>> Patrick O'Callaghan wrote:
>>> The hypothetical scenario being discussed is that you have already
>>> replaced the former (good but now possibly suspect) public key with a
>>> spurious new one. If that were to happen, you would be in danger of
>>> accepting trojanned packages signed with this new fake key. My point is
>>> that you would also *reject* packages signed with the new good key, and
>>> this would be noticed very quickly (basically the next time you did an
>>> update).
>>>
>> That is an extremely unlikely possibility as you have to generate a key
>> with the same key id (fingerprint)as the original. Also, you have to
>> determine how to trick all users in to replacing the original.
>
> All users? This is like spam email, you only need to succeed in a few
> cases to get benefit. And distributing the fingerprint assumes you can
> do that securely as well.
>
I think you have no concept of public/private encryption or signing.
--
Behind every great computer sits a skinny little geek.
More information about the fedora-list
mailing list