[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: fingerprint of the archive signing key

also sprach Cameron Patrick <cameron@patrick.wattle.id.au> [2004.07.02.1220 +0200]:
> It's been done.  Debian even distributes tools to do it!  (Look in
> the dsniff package.)

Except that the certificate will not validate. Of course, John Doe
will fall for it. But not an administrator in charge of
a high-security installation. Or that administrator should not be in
charge of a high-security installation.

Please do not CC me when replying to lists; I read them!
 .''`.     martin f. krafft <madduck@debian.org>
: :'  :    proud Debian developer, admin, and user
`. `'`
  `-  Debian - when you have better things to do than fixing a system
Invalid/expired PGP subkeys? Use subkeys.pgp.net as keyserver!

Attachment: signature.asc
Description: Digital signature

Reply to: