Re: PGP signatures.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Sat, 2008-05-31 at 10:59 -0700, Les wrote:
> Simply put, one could create a keylist, publish it someplace secure
> with limited access and limited time availability, communicate to the
> designated individual where and when, and the designated individual
> could use something like VPN to pick up the encrypted key list.  The
> key to break that key list could be given over the phone.  The result
> would certainly minimize exposure of the keys.  

I'm not sure that exposure of keys is a problem (so long as keys are
strong).  I'd be unconcerned about exposure of uncrackable keys if keys
and key IDs were used, with no way to harvest email addresses from them.
i.e. If keys didn't contain addresses, just unique IDs.

I've seen systems which try and make this easier for users, they do all
the key handling externally.  Unfortunately, that means that your
private key is held externally, and your passphrase to use it has to be
transmitted.  Some of the turn-key virtual webhosting systems work that
way, e.g. CPanel.  Worse still, users typically access their control
panel over HTTP, not HTTPS.

-- 
[tim@localhost ~]$ uname -r
2.6.25.3-18.fc9.i686

Don't send private replies to my address, the mailbox is ignored.  I
read messages from the public lists.



-- 
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora Magazine]     [Fedora News]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux