Re: Secrecy and user trust

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Sat, Sep 6, 2008 at 1:38 AM, jdow <jdow@xxxxxxxxxxxxx> wrote:
> From: "Anders Karlsson" <anders@xxxxxxxxxxxxxx>
> Sent: Friday, 2008, September 05 13:12

Some 50000 posts later .....

Where are the other critical open source players in all this?

Moving forward...

At this point a critical missing component is the framework to re-key/
sign the top of a distribution tree/mesh.    All vendors might face
this same problem and so all vendors have skin in this game.

It seems that a collection of  face to face credential exchanges and
FedX packages containing CDROMs with the public half of key pairs to
and from the likes of RH, Fedora, Sun, Cray, Cisco, Dell, Debian,
Ubuntu, Scientific Linux, Cern, CentOS, and some.edu sites on multiple
continents could go a long way to establish a foundation for a web of
trust.

Each site can then use their 'top' level keys to sign a set of
critical site and individual keys then place the master key in an off
line vault.

Once the foundation is in place ... more can be done (designed).

-- 
 NiftyFedora
 T o m M i t c h e l l

-- 
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines

[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux