Re: Red team attacks vs. cracking

To: debian-devel@lists.debian.org
Subject: Re: Red team attacks vs. cracking
From: Henning Makholm <henning@makholm.net>
Date: Thu, 01 Jun 2006 13:14:18 +0200
Message-id: <[🔎] 87y7whb01h.fsf@kreon.lan.henning.makholm.net>
References: <877j43k1k4.fsf@glaurung.internal.golden-gryphon.com> <u1hejyb4gv0.fsf@kempis.becket.net> <20060530172008.GA8099@javifsp.no-ip.org> <871wuboses.fsf@kreon.lan.henning.makholm.net> <20060531152240.GB2624@gwolf.org>

Scripsit Gunnar Wolf <gwolf@gwolf.org>
> Henning Makholm dijo [Wed, May 31, 2006 at 04:10:51AM +0200]:

>> A KSP that depends on there being any pre-existing trust to abuse is
>> *completely worthless* as a KSP whether or not that trust is abused
>> or not.

> Ummm... There is a certain metric of pre-existing trust that _does_
> exist here. Lets go back to Martin's specific case, to exemplify.

I'm not saying that the trust does not _exist_, just that it should
not be _necessary_ for the proper functioning of the keysigning
process.

-- 
Henning Makholm   "Der er ingen der sigter på slottet. D'herrer konger agter
                 at triumfere fra balkonen når de har slået hinanden ihjel."

Reply to:

Prev by Date: Re: proposal for a more efficient download process
Next by Date: Re: [Debconf-discuss] list of valid documents for KSPs
Previous by thread: Re: Renaming a package
Next by thread: debian flash group launched
Index(es):
- Date
- Thread