On Wed, Sep 03, 2008 at 14:12:47 -0430, Patrick O'Callaghan <pocallaghan@xxxxxxxxx> wrote: > On Wed, 2008-09-03 at 10:30 -0400, Bill Davidsen wrote: > > hardest of all find a secure way to provide the public part of the > > signing key > > The whole point about asymmetric encryption is that you don't need a > secure distribution channel. The worst that can happen is that some fake > public key gets distributed, which won't match the private key and hence > will be instantly detectable. You still need a secure channel. What is changed is that it only needs protection for integrity, not eavesdropping. The worst case is actually a man in the middle attack. -- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
