QA, GPG and "replay attack" notes
David Rees
drees at greenhydrant.com
Wed Jan 21 18:12:40 UTC 2004
Just to bring this to everyone's attention, I made the mistake of
publishing a few notes to bugs during the QA process which were
vulnerable to "replay attacks". In other words, someone could cut and
paste my short messages to misconstrue what I meant to say. Have a look
at the tcpdump bug for what NOT to do: ;)
https://bugzilla.fedora.us/show_bug.cgi?id=1222
It is mentioned in the Fedora QA process, however, I think it should be
made to stand out a bit more as I think it is something easy to miss for
someone new to the QA process and GPG in general.
-Dave
More information about the fedora-legacy-list
mailing list