[PATCH] Distant signatures
Marcus Brinkmann
Marcus.Brinkmann at ruhr-uni-bochum.de
Wed Jul 3 16:40:04 CEST 2002
On Wed, Jul 03, 2002 at 09:37:58AM +0200, Werner Koch wrote:
> Similar to Petr's requirement, one might want to sign a new package
> which does not fit onto a floppy (think of gcc) but still keep the
> signing key at a safer place. Yes, this does not make the signature
> in anyway safer but it protect the signing key better against
> misuse.
Ayup. I read too much into Petr's "you don't trust server A enough to put
the key there". I agree that there is a difference between "I trust server
A to not be tampered with and generate a good hash" and "I trust server A to
store my secret key there", and you have described a good example of that.
Thanks,
Marcus
--
`Rhubarb is no Egyptian god.' Debian http://www.debian.org brinkmd at debian.org
Marcus Brinkmann GNU http://www.gnu.org marcus at gnu.org
Marcus.Brinkmann at ruhr-uni-bochum.de
http://www.marcus-brinkmann.de
More information about the Gnupg-devel
mailing list