On Fri, 2008-09-05 at 08:02 +0800, Ed Greshko wrote: > Patrick O'Callaghan wrote: > > > > The hypothetical scenario being discussed is that you have already > > replaced the former (good but now possibly suspect) public key with a > > spurious new one. If that were to happen, you would be in danger of > > accepting trojanned packages signed with this new fake key. My point is > > that you would also *reject* packages signed with the new good key, and > > this would be noticed very quickly (basically the next time you did an > > update). > > > That is an extremely unlikely possibility as you have to generate a key > with the same key id (fingerprint)as the original. Also, you have to > determine how to trick all users in to replacing the original. Exactly. That's what I've been saying all along. I don't understand what the disagreement is about, if anything. poc -- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines