Re: Secrecy and user trust



On Wed, 2008-09-03 at 10:30 -0400, Bill Davidsen wrote:
hardest of all find a secure way to provide the public part of the
signing key

The whole point about asymmetric encryption is that you don't need a
secure distribution channel. The worst that can happen is that some fake
public key gets distributed, which won't match the private key and hence
will be instantly detectable.

poc

--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines



Relevant Pages

  • Re: Secrecy and user trust
    ... secure distribution channel. ... The worst that can happen is that some fake ... public key gets distributed, which won't match the private key and hence ... The standard way is to use certificates, ...
    (Fedora)
  • Re: Secrecy and user trust
    ... secure distribution channel. ... The worst that can happen is that some fake ... The public key really must be distributed in a secure manner. ...
    (Fedora)
  • Re: Secrecy and user trust
    ... secure distribution channel. ... NAK - if a fake public key were distributed then packages signed with the fake key would be matched, allowing full access to install crap in your machine. ...
    (Fedora)
  • Re: Secrecy and user trust
    ... Patrick O'Callaghan wrote: ... The whole point about asymmetric encryption is that you don't need a ... secure distribution channel. ...
    (Fedora)