[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Migrating to GPG - A mini-HOWTO



On Wed, Sep 15, 1999 at 01:01:18PM +0200, Paul Slootman wrote:
> I think his point is that if you can't trust a pgp signature to
> sign a gpg key, why should trust a pgp signature to do anything
> at all, e.g. accept an uploaded package.  Seems like a reasonable
> argument.

Because the real user can undo one action and not the other. Because the
integrity of multiple keys is compromised in one case and not the other.
If I lose my key, that's a bad thing (but I can undo it). If I lose my
key and then someone gets *you* to start signing bogus stuff, that's
worse (and I can't undo it). In the particular case of debian packages
this might not be that big a deal. (Except that it starts down the road
of following bad practices--if I trust pgp sigs so much, why not sign
your key since that other guy signed it...) In the larger case of
maintaining the integrity of the web of trust, this is a much larger
problem.

Mike Stone

Attachment: pgpuc3hx3gEiB.pgp
Description: PGP signature


Reply to: