Re: fingerprint of the archive signing key

To: debian developers <debian-devel@lists.debian.org>
Subject: Re: fingerprint of the archive signing key
From: Colin Watson <cjwatson@debian.org>
Date: Wed, 30 Jun 2004 00:35:37 +0100
Message-id: <[🔎] 20040629233537.GA25370@riva.ucam.org>
Mail-followup-to: debian developers <debian-devel@lists.debian.org>
In-reply-to: <[🔎] 20040629214219.GA2631@suffields.me.uk>
References: <[🔎] 20040629003951.GA14964@cirrus.madduck.net> <[🔎] 20040629005028.GA22050@suffields.me.uk> <[🔎] 20040629013230.GB14609@cirrus.madduck.net> <[🔎] 20040629115722.GA24190@suffields.me.uk> <[🔎] 87pt7izfnc.fsf@alhambra.bioz.unibas.ch> <[🔎] 20040629172848.GA19987@suffields.me.uk> <[🔎] 20040629173407.GD22096@riva.ucam.org> <[🔎] 20040629214219.GA2631@suffields.me.uk>

On Tue, Jun 29, 2004 at 10:42:19PM +0100, Andrew Suffield wrote:
> On Tue, Jun 29, 2004 at 06:34:07PM +0100, Colin Watson wrote:
> > Only if the company is foolish enough to allow anyone who wanders in
> > the door to make a signature from their CA.
> 
> Honestly now, do you really think it will be that hard?

*shrug* I've worked at a cryptographic security company. As far as I
know, you haven't.

> Once you have physical access to the user workstations, you can take
> those and work up.

Only if the key security is incompetent, which is inexcusable for a CA.

-- 
Colin Watson                                  [cjwatson@flatline.org.uk]

Reply to:

Follow-Ups:
- Re: fingerprint of the archive signing key
  - From: Andrew Suffield <asuffield@debian.org>
- Re: fingerprint of the archive signing key
  - From: Zenaan Harkness <zen@freedbms.net>

References:
- fingerprint of the archive signing key
  - From: martin f krafft <madduck@debian.org>
- Re: fingerprint of the archive signing key
  - From: Andrew Suffield <asuffield@debian.org>
- Re: fingerprint of the archive signing key
  - From: martin f krafft <madduck@debian.org>
- Re: fingerprint of the archive signing key
  - From: Andrew Suffield <asuffield@debian.org>
- Re: fingerprint of the archive signing key
  - From: Frank Küster <frank@debian.org>
- Re: fingerprint of the archive signing key
  - From: Andrew Suffield <asuffield@debian.org>
- Re: fingerprint of the archive signing key
  - From: Colin Watson <cjwatson@debian.org>
- Re: fingerprint of the archive signing key
  - From: Andrew Suffield <asuffield@debian.org>

Prev by Date: a forth release?
Next by Date: Re: fingerprint of the archive signing key
Previous by thread: Re: fingerprint of the archive signing key
Next by thread: Re: fingerprint of the archive signing key
Index(es):
- Date
- Thread