[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Gnu-arch-users] (volunteers?) crypto signatures for arch
From: |
Andrew Suffield |
Subject: |
Re: [Gnu-arch-users] (volunteers?) crypto signatures for arch |
Date: |
Sat, 13 Dec 2003 18:16:06 +0000 |
User-agent: |
Mutt/1.5.4i |
On Sat, Dec 13, 2003 at 08:33:41AM -0800, Tom Lord wrote:
> All files in the archive should be signed including =meta-info files,
> CONTINUATION files,
> .listing files,
No point signing those. They have only one correct value and are
trivial to verify directly; furthermore, they're acutely vulnerable to
replay attacks, so signing it accomplishes nothing.
--
.''`. ** Debian GNU/Linux ** | Andrew Suffield
: :' : http://www.debian.org/ |
`. `' |
`- -><- |
signature.asc
Description: Digital signature
Re: [Gnu-arch-users] (volunteers?) crypto signatures for arch, Florian Weimer, 2003/12/07
Re: [Gnu-arch-users] (volunteers?) crypto signatures for arch, Thomas Zander, 2003/12/08
Re: [Gnu-arch-users] (volunteers?) crypto signatures for arch, Robert Collins, 2003/12/13
Re: [Gnu-arch-users] (volunteers?) crypto signatures for arch, Robert Collins, 2003/12/13