Re: Things we should know about PGP

To: debian-user@lists.debian.org
Subject: Re: Things we should know about PGP
From: Jon Dowland <jmtd@debian.org>
Date: Thu, 10 May 2012 17:11:27 +0100
Message-id: <[🔎] 20120510161127.GB14319@debian>
Mail-followup-to: debian-user@lists.debian.org
In-reply-to: <[🔎] 1336591037.2994.90.camel@precise>
References: <[🔎] 1336563132.7752.25.camel@precise> <[🔎] 20120509180958.GF8272@debian> <[🔎] 4FAAB4FF.2070704@hotmail.com> <[🔎] 1336589505.2994.86.camel@precise> <[🔎] 1336591037.2994.90.camel@precise>

On Wed, May 09, 2012 at 09:17:17PM +0200, Ralf Mardorf wrote:
> Regarding to security. Assumed somebody always sign the mails to a
> mailing list. Isn't it possible that somebody hacks the view of a
> mailing list archive? Make it look like if a nice guy said odd things
> for signed mails. He never did, the mails were not hacked, just the view
> of the web page is hacked.

They could, if you were relying on the mailing list archives to verify
the signatures, but they don't. You can fetch the signature and the
original message (awkward from a web mailing list archive, but Camaleón
has shown a way of doing it with gmane in the past) and perform the 
verification yourself.

Reply to:

Follow-Ups:
- Re: Things we should know about PGP
  - From: Ralf Mardorf <ralf.mardorf@alice-dsl.net>

References:
- Things we should know about PGP
  - From: Ralf Mardorf <ralf.mardorf@alice-dsl.net>
- Re: Things we should know about PGP
  - From: Jon Dowland <jmtd@debian.org>
- Re: Things we should know about PGP
  - From: Mika Suomalainen <mika.henrik.mainio@hotmail.com>
- Re: Things we should know about PGP
  - From: Ralf Mardorf <ralf.mardorf@alice-dsl.net>
- Re: Things we should know about PGP
  - From: Ralf Mardorf <ralf.mardorf@alice-dsl.net>

Prev by Date: Re: OT: More about GPG signing
Next by Date: Re: OT: More about GPG signing
Previous by thread: Re: Things we should know about PGP
Next by thread: Re: Things we should know about PGP
Index(es):
- Date
- Thread