On Thu, Apr 11, 2002 at 11:47:33AM -0500, Manoj Srivastava wrote: > Have you done anything that I can't do as well right now? I > mean, I can download your old key, create a new one, and do all you > have outlined? > > manoj Because I am not yet an official dd (I am waiting for the DAM Approval as a lot of people), I don't have practical info about this particular issue : Would it be possible for the new 'David D.W. Downey' to hijack the identity of the old 'David D.W. Downey' and then upload packages without getting his new key signed by a dd ? David : I understand that you are certainly the old and the new David but we can not be sure and I am wondering if we have a security flaw here. There is nothing personal, I hope your new key will be signed soon. And this give me a good reason to check that my key is safe in this regard. Christophe -- Christophe Barbé <christophe.barbe@ufies.org> GnuPG FingerPrint: E0F6 FADF 2A5C F072 6AF8 F67A 8F45 2F1E D72C B41E Imagination is more important than knowledge. Albert Einstein, On Science
Attachment:
pgperIrgdgLWr.pgp
Description: PGP signature