Re: Secrecy and user trust

* Bill Davidsen <davidsen@xxxxxxx> [20080904 05:29]:
> Patrick O'Callaghan wrote:
>> On Wed, 2008-09-03 at 10:30 -0400, Bill Davidsen wrote:
>>> hardest of all find a secure way to provide the public part of the  
>>> signing key
>>
>> The whole point about asymmetric encryption is that you don't need a
>> secure distribution channel. The worst that can happen is that some fake
>> public key gets distributed, which won't match the private key and hence
>> will be instantly detectable.
>>
> NAK - if a fake public key were distributed then packages signed with  
> the fake key would be matched, allowing full access to install crap in  
> your machine. And packages signed with any valid redhat key would be  
> rejected.
>
> The public key really must be distributed in a secure manner.

I am sure the infrastructure team is all ears for a detailed
suggestion on how you believe this should be achieved. And with your
extensive experience in the field - you ought to be able to provide a
detailed plan of action.

It's very easy sitting at the side-line criticising, but actually
*doing* it is much harder. 

IMHO - we're at the "put up or shut up" point with the criticism now.

/Anders
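
The key-substitution case argued in the quoted exchange above, as an added example that is not part of the original message or of Fedora's tooling: a verifier that received a substituted public key accepts packages signed with that key and rejects the vendor's, while a fingerprint pinned over a separate authenticated channel catches the swap. It assumes a Lamport one-time signature as a stand-in (chosen because it needs only Python's hashlib; it is not the RPM/GPG scheme), and all names and sample packages are constructed.

```python
import hashlib, secrets

def H(b):
    return hashlib.sha256(b).digest()

def keygen():
    # Lamport one-time key: 256 pairs of secrets; the public key is their hashes.
    sk = [[secrets.token_bytes(32), secrets.token_bytes(32)] for _ in range(256)]
    pk = [[H(a), H(b)] for a, b in sk]
    return sk, pk

def bits(msg):
    d = H(msg)
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]

def sign(sk, msg):
    return [sk[i][b] for i, b in enumerate(bits(msg))]

def verify(pk, msg, sig):
    return all(H(s) == pk[i][b] for i, (s, b) in enumerate(zip(sig, bits(msg))))

def fingerprint(pk):
    return H(b"".join(h for pair in pk for h in pair)).hex()

def install_check(pk, msg, sig, pinned_fp=None):
    # pinned_fp models a fingerprint obtained over an authenticated channel.
    if pinned_fp is not None and fingerprint(pk) != pinned_fp:
        return "reject: key fingerprint mismatch"
    return "accept" if verify(pk, msg, sig) else "reject: bad signature"

def scenario():
    vendor_sk, vendor_pk = keygen()
    fake_sk, fake_pk = keygen()          # key swapped in on the download path
    good = b"constructed: vendor package"
    evil = b"constructed: tampered package"
    good_sig = sign(vendor_sk, good)
    evil_sig = sign(fake_sk, evil)
    pinned = fingerprint(vendor_pk)
    return {
        "fake_key_tampered_pkg": install_check(fake_pk, evil, evil_sig),
        "fake_key_vendor_pkg": install_check(fake_pk, good, good_sig),
        "pinned_fake_key": install_check(fake_pk, evil, evil_sig, pinned),
        "pinned_real_key": install_check(vendor_pk, good, good_sig, pinned),
    }

if __name__ == "__main__":
    print(scenario())
```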

-- 
fedora-list mailing list
fedora-list@xxxxxxxxxx