Re: [Gnu-arch-users] (volunteers?) crypto signatures for arch

gnu-arch-users

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Gnu-arch-users] (volunteers?) crypto signatures for arch

From:	Andrew Suffield
Subject:	Re: [Gnu-arch-users] (volunteers?) crypto signatures for arch
Date:	Sat, 13 Dec 2003 18:16:06 +0000
User-agent:	Mutt/1.5.4i

On Sat, Dec 13, 2003 at 08:33:41AM -0800, Tom Lord wrote:
> All files in the archive should be signed including =meta-info files,
> CONTINUATION files,

> .listing files,

No point signing those. They have only one correct value and are
trivial to verify directly; furthermore, they're acutely vulnerable to
replay attacks, so signing it accomplishes nothing.

-- 
  .''`.  ** Debian GNU/Linux ** | Andrew Suffield
 : :' :  http://www.debian.org/ |
 `. `'                          |
   `-             -><-          |

signature.asc
Description: Digital signature

[Prev in Thread]

Current Thread

[Next in Thread]

Re: crypto signatures for arch/another proposal [was: Re: [Gnu-arch-users] (volunteers?) crypto signatures for arch], (continued)
- Re: [Gnu-arch-users] (volunteers?) crypto signatures for arch, Florian Weimer, 2003/12/07
  - Re: [Gnu-arch-users] (volunteers?) crypto signatures for arch, Robert Collins, 2003/12/07
- Re: [Gnu-arch-users] (volunteers?) crypto signatures for arch, Thomas Zander, 2003/12/08
- Re: [Gnu-arch-users] (volunteers?) crypto signatures for arch, Robert Collins, 2003/12/13
  - Re: [Gnu-arch-users] (volunteers?) crypto signatures for arch, Thomas Zander, 2003/12/13
    - [Gnu-arch-users] svn signatures (was Re: [...] crypto signatures for arch), Tom Lord, 2003/12/13
  - Re: [Gnu-arch-users] (volunteers?) crypto signatures for arch, Tom Lord, 2003/12/13
    - Re: [Gnu-arch-users] (volunteers?) crypto signatures for arch, Andrew Suffield <=
    - [Gnu-arch-users] one more feature needed for signing, Tom Lord, 2003/12/13
    - Re: [Gnu-arch-users] one more feature needed for signing, Jason McCarty, 2003/12/13
    - Re: [Gnu-arch-users] one more feature needed for signing, Robert Collins, 2003/12/13
    - [Gnu-arch-users] Re: one more feature needed for signing, Robert Collins, 2003/12/21
    - Re: [Gnu-arch-users] Re: one more feature needed for signing, Robert Collins, 2003/12/21
    - Re: [Gnu-arch-users] (volunteers?) crypto signatures for arch, Robert Collins, 2003/12/13

Prev by Date: Re: [Gnu-arch-users] arch lkml
Next by Date: Re: [Gnu-arch-users] Re: possible bug with version number sorting
Previous by thread: Re: [Gnu-arch-users] (volunteers?) crypto signatures for arch
Next by thread: [Gnu-arch-users] one more feature needed for signing
Index(es):
- Date
- Thread