Re: Bug#170069: ITP: grunt -- Secure remote execution via UUCP or e-mail using GPG
Hi,
>>"Jason" == Jason Gunthorpe <jgg@debian.org> writes:
Jason> PGP signatures have a signature ID and a date that are ment to be used to
Jason> prevent against replay attacks. I forget the exact details but there is a
Jason> gpg mode that prints it out. The db.debian.org gateways all make use of
Jason> it.
Indeed, as does the voting machinery. I was going to post
example code here, but the example got too huge (email me if you want
a copy). Replay attacks can be thwarted by a simple check on the
server.
manoj
--
Q: How many IBM CPU's does it take to execute a job? A: Four; three
to hold it down, and one to rip its head off.
Manoj Srivastava <srivasta@debian.org> <http://www.debian.org/%7Esrivasta/>
1024R/C7261095 print CB D9 F4 12 68 07 E4 05 CC 2D 27 12 1D F5 E8 6E
1024D/BF24424C print 4966 F272 D093 B493 410B 924B 21BA DABB BF24 424C
Reply to: