Re: Revival of the signed debs discussion

To: Werner Koch <wk@gnupg.org>
Cc: debian-devel@lists.debian.org
Subject: Re: Revival of the signed debs discussion
From: Matthias Urlichs <smurf@smurf.noris.de>
Date: Wed, 3 Dec 2003 14:45:12 +0100
Message-id: <[🔎] 20031203134512.GB5501@play.smurf.noris.de>
In-reply-to: <[🔎] 87d6b6nhqe.fsf@alberti.g10code.de>
References: <[🔎] 8765h0mzk1.fsf@mrvn.homelinux.org> <[🔎] 1070384670.5053.14.camel@worldmusic.grep.be> <[🔎] 20031202184220.GA23655@khazad-dum.debian.net> <[🔎] pan.2003.12.02.21.16.29.11062@smurf.noris.de> <[🔎] 20031203104109.GB30785@grep.be> <[🔎] 20031203110809.GA29957@play.smurf.noris.de> <[🔎] 87iskynm0b.fsf@alberti.g10code.de> <[🔎] 20031203122602.GA2549@play.smurf.noris.de> <[🔎] 87d6b6nhqe.fsf@alberti.g10code.de>

Hi,

Werner Koch:
> On Wed, 3 Dec 2003 13:26:02 +0100, Matthias Urlichs said:
> > the local side is supposed to sign should probably be encrypted with the
> > signer's public key, otherwise I can just replace the data packet with
> > something that ends up signing a totally different file. :-/
> 
> And if I do that, I could also sign the file right at the remote
> machine because the (or some) signature key must be available over
> there ;-)
> 
Ouch. You're obviously right. :-/

-- 
Matthias Urlichs   |   {M:U} IT Design @ m-u-it.de   |  smurf@smurf.noris.de
Disclaimer: The quote was selected randomly. Really. | http://smurf.noris.de
 - -
The day advanced as if to light some work of mine; it was morning,
and lo! now it is evening, and nothing memorable is accomplished.
		-- H.D. Thoreau

Reply to:

References:
- Revival of the signed debs discussion
  - From: Goswin von Brederlow <brederlo@informatik.uni-tuebingen.de>
- Re: Revival of the signed debs discussion
  - From: Wouter Verhelst <wouter@grep.be>
- Re: Revival of the signed debs discussion
  - From: Henrique de Moraes Holschuh <hmh@debian.org>
- Re: Revival of the signed debs discussion
  - From: Matthias Urlichs <smurf@smurf.noris.de>
- Re: Revival of the signed debs discussion
  - From: Wouter Verhelst <wouter@grep.be>
- Re: Revival of the signed debs discussion
  - From: Matthias Urlichs <smurf@smurf.noris.de>
- Re: Revival of the signed debs discussion
  - From: Werner Koch <wk@gnupg.org>
- Re: Revival of the signed debs discussion
  - From: Matthias Urlichs <smurf@smurf.noris.de>
- Re: Revival of the signed debs discussion
  - From: Werner Koch <wk@gnupg.org>

Prev by Date: Re: Backport of the integer overflow in the brk system call
Next by Date: Re: The term "Custom Debian Distribution" (Was Re: [custom] The term "flavor" and encouraging work on Debian)
Previous by thread: Re: Revival of the signed debs discussion
Next by thread: Re: Revival of the signed debs discussion
Index(es):
- Date
- Thread