[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Compromising Debian Repositories

On Sun, Aug 04, 2013 at 02:25:03PM +0200, Jann Horn wrote:
> On Sun, Aug 04, 2013 at 10:51:08AM +0200, Volker Birk wrote:
> > Now I'm surprised ;-) I think, this is not a matter of security of
> > checksums here. Of course, only a digital signature will do, or at least
> > a MAC.
> Huh, what? Aren't MACs always symmetric?

Yes, they are.

> How do MACs fit in here?

Depends on who should be able to check.

pibit AG, Oberer Graben 4, 8400 Winterthur
mailto:vb@pibit.ch  Mobile +41 (79) 292 88 87

Attachment: pgpaiCQHsqzNW.pgp
Description: PGP signature

Reply to: