Secrecy and user trust
Bill Davidsen
davidsen at tmr.com
Thu Sep 4 03:42:54 UTC 2008
Patrick O'Callaghan wrote:
> On Wed, 2008-09-03 at 10:30 -0400, Bill Davidsen wrote:
>> hardest of all find a secure way to provide the public part of the
>> signing key
>
> The whole point about asymmetric encryption is that you don't need a
> secure distribution channel. The worst that can happen is that some fake
> public key gets distributed, which won't match the private key and hence
> will be instantly detectable.
>
NAK - if a fake public key were distributed then packages signed with
the fake key would be matched, allowing full access to install crap in
your machine. And packages signed with any valid redhat key would be
rejected.
The public key really must be distributed in a secure manner.
--
Bill Davidsen <davidsen at tmr.com>
"We have more to fear from the bungling of the incompetent than from
the machinations of the wicked." - from Slashdot
More information about the fedora-list
mailing list