Re: ITP: debian-backports-keyring -- GnuPG archive key of the backports.org repository

To: debian-legal@lists.debian.org
Cc: debian-curiosa@lists.debian.org, debian-devel@lists.debian.org
Subject: Re: ITP: debian-backports-keyring -- GnuPG archive key of the backports.org repository
From: Francesco Poli <frx@firenze.linux.it>
Date: Mon, 23 Jun 2008 19:57:22 +0200
Message-id: <[🔎] 20080623195722.17649885.frx@firenze.linux.it>
In-reply-to: <20080623161516.GA94121@stack.nl>
References: <[🔎] 20080622223115.5234188a.frx@firenze.linux.it> <[🔎] Pine.LNX.4.44.0806230858180.24875-100000@green.rahul.net> <20080623161516.GA94121@stack.nl>

On Mon, 23 Jun 2008 18:15:16 +0200 Arnoud Engelfriet wrote:

> Ken Arromdee wrote:
> > On Sun, 22 Jun 2008, Francesco Poli wrote:
> > > OK, that said, if you wanted to modify a public key (in order to obtain
> > > something else), what form would you use for making modifications?
> > > I think the preferred form would be the one in which the GPG public key
> > > is distributed by keyservers or some other equivalent form (which may
> > > be losslessly obtained from the distribution form).
> > 
> > Wouldn't the preferred form for modification be the number that's used to
> > generate both the private and public key?

No, that would be the preferred form for compromising the key!  ;-)

Seriously, if I want to alter the public key, I don't think I need the
corresponding secret key.
A public key consists of some numbers, and so does the secret key.
Those two sets of numbers are somewhat correlated, but I don't need one
set in order to alter some numbers in the other set...

> 
> I don't think that "modifying" has any reasonable meaning when talking
> about cryptographic keys.

Why not?

Original public key:

  -----BEGIN PGP PUBLIC KEY BLOCK-----
  Version: GnuPG v1.4.6 (GNU/Linux)

  mQGiBWDHQR[...]9U/rG7P6VAgfYkUYnkueiQ==
  =AGXn
  -----END PGP PUBLIC KEY BLOCK-----

Modified work:

  -----BEGIN PGP PUBLIC KEY BLOCK-----
  Version: GnuPG v1.4.6 (GNU/Linux)

  XQGiBWDHQm[...]9U/rG7P6VAgfYkUYnkueiQ==
  =AGXn
  -----END PGP PUBLIC KEY BLOCK-----

Please note that I changed two characters.
Maybe it's no longer a public key, but who cares?
It was a public key, it has been modified...

> A key is a number, or a set of numbers in
> the case of public-key cryptography. How do you modify a number?

By performing operations on it.
5454 may be modified into 5457 by adding 3.
Or into 2727 by dividing by 2.

As an aside, this is just what computers do all the time: they process
numbers in order to compute other numbers, and so on...

P.S.: now what should I do?
"to add disclaimers or not to add disclaimers? this is the question!"
;-)

-- 
 http://frx.netsons.org/doc/index.html#nanodocs
 The nano-document series is here!
..................................................... Francesco Poli .
 GnuPG key fpr == C979 F34B 27CE 5CD8 DC12  31B5 78F4 279B DD6D FCF4

Attachment: pgppVQTsPS1iU.pgp
Description: PGP signature

Reply to:

Follow-Ups:
- Re: ITP: debian-backports-keyring -- GnuPG archive key of the backports.org repository
  - From: Arnoud Engelfriet <arnoud@engelfriet.net>

References:
- Re: ITP: debian-backports-keyring -- GnuPG archive key of the backports.org repository
  - From: Francesco Poli <frx@firenze.linux.it>
- Re: ITP: debian-backports-keyring -- GnuPG archive key of the backports.org repository
  - From: Ken Arromdee <arromdee@rahul.net>

Prev by Date: Re: ITP: debian-backports-keyring -- GnuPG archive key of the backports.org repository
Next by Date: Re: ITP: debian-backports-keyring -- GnuPG archive key of the backports.org repository
Previous by thread: Re: ITP: debian-backports-keyring -- GnuPG archive key of the backports.org repository
Next by thread: Re: ITP: debian-backports-keyring -- GnuPG archive key of the backports.org repository
Index(es):
- Date
- Thread