[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Gnu-arch-users] (fairly minor) SECURITY ISSUE
From: |
Tom Lord |
Subject: |
Re: [Gnu-arch-users] (fairly minor) SECURITY ISSUE |
Date: |
Wed, 21 Jan 2004 17:51:50 -0800 (PST) |
> From: Brian May <address@hidden>
> Regardless of how you feel about multiple signatures, etc, I think
> Colin's proposal for detached signatures is a good idea.
> It means GPG will verify that the file contents are the same, and
> there is no way somebody can insert extra data before or after the
> real data.
> Sure, you can add checks to make sure that there is no data before or
> after the GPG signed data, but wouldn't it be a lot simpler, and more
> flexible just to use detached signatures?
Simpler? Hmmm.
No, it seems like a workaround for a fundamentally critical feature
missing from gpg (and one that would be simple to add, I hope).
-t
- [Gnu-arch-users] (fairly minor) SECURITY ISSUE, Tom Lord, 2004/01/20
- Re: [Gnu-arch-users] (fairly minor) SECURITY ISSUE, Colin Walters, 2004/01/20
- Re: [Gnu-arch-users] (fairly minor) SECURITY ISSUE, Tom Lord, 2004/01/20
- Re: [Gnu-arch-users] (fairly minor) SECURITY ISSUE, Colin Walters, 2004/01/21
- Re: [Gnu-arch-users] (fairly minor) SECURITY ISSUE, Brian May, 2004/01/21
- Re: [Gnu-arch-users] (fairly minor) SECURITY ISSUE,
Tom Lord <=
- Re: [Gnu-arch-users] (fairly minor) SECURITY ISSUE, Rob Kaper, 2004/01/22
- Re: [Gnu-arch-users] (fairly minor) SECURITY ISSUE, Colin Walters, 2004/01/22
- Re: [Gnu-arch-users] (fairly minor) SECURITY ISSUE, Tom Lord, 2004/01/22
- [Gnu-arch-users] Re: (fairly minor) SECURITY ISSUE, Samuel Tardieu, 2004/01/22
- Re: [Gnu-arch-users] Re: (fairly minor) SECURITY ISSUE, Robert Collins, 2004/01/24
- Re: [Gnu-arch-users] Re: (fairly minor) SECURITY ISSUE, Johannes Berg, 2004/01/24
- Re: [Gnu-arch-users] Re: (fairly minor) SECURITY ISSUE, Robert Collins, 2004/01/24
- Re: [Gnu-arch-users] Re: (fairly minor) SECURITY ISSUE, Johannes Berg, 2004/01/24
- Re: [Gnu-arch-users] Re: (fairly minor) SECURITY ISSUE, Johannes Berg, 2004/01/24
[Gnu-arch-users] Re: (fairly minor) SECURITY ISSUE, Samuel Tardieu, 2004/01/21