Re: Bug#170069: ITP: grunt -- Secure remote execution via UUCP or e-mail using GPG

To: debian-devel@lists.debian.org
Subject: Re: Bug#170069: ITP: grunt -- Secure remote execution via UUCP or e-mail using GPG
From: Manoj Srivastava <srivasta@debian.org>
Date: Fri, 22 Nov 2002 03:19:57 -0600
Message-id: <[🔎] 87r8dex8oy.fsf@glaurung.green-gryphon.com>
In-reply-to: <[🔎] Pine.LNX.3.96.1021121224621.15063B-100000@wakko.debian.net> (Jason Gunthorpe's message of "Thu, 21 Nov 2002 22:47:46 -0700 (MST)")
References: <[🔎] Pine.LNX.3.96.1021121224621.15063B-100000@wakko.debian.net>

Hi,
>>"Jason" == Jason Gunthorpe <jgg@debian.org> writes:

 Jason> PGP signatures have a signature ID and a date that are ment to be used to
 Jason> prevent against replay attacks. I forget the exact details but there is a
 Jason> gpg mode that prints it out. The db.debian.org gateways all make use of
 Jason> it. 

	Indeed, as does the voting machinery. I was going to post
 example code here, but the example got too huge (email me if you want
 a copy).  Replay attacks can be thwarted by a simple check on the
 server. 

	manoj
-- 
 Q: How many IBM CPU's does it take to execute a job? A: Four; three
 to hold it down, and one to rip its head off.
Manoj Srivastava   <srivasta@debian.org>  <http://www.debian.org/%7Esrivasta/>
1024R/C7261095 print CB D9 F4 12 68 07 E4 05  CC 2D 27 12 1D F5 E8 6E
1024D/BF24424C print 4966 F272 D093 B493 410B  924B 21BA DABB BF24 424C

Reply to:

References:
- Re: Bug#170069: ITP: grunt -- Secure remote execution via UUCP or e-mail using GPG
  - From: Jason Gunthorpe <jgg@debian.org>

Prev by Date: Re: s/(non-free|contrib)/non-debian/g?
Next by Date: Re: Are we losing users to Gentoo?
Previous by thread: Re: Bug#170069: ITP: grunt -- Secure remote execution via UUCP or e-mail using GPG
Next by thread: Re: Bug#170069: ITP: grunt -- Secure remote execution via UUCP or e-mail using GPG
Index(es):
- Date
- Thread