[PATCH] Distant signatures

Marcus Brinkmann Marcus.Brinkmann at ruhr-uni-bochum.de
Wed Jul 3 16:40:04 CEST 2002

On Wed, Jul 03, 2002 at 09:37:58AM +0200, Werner Koch wrote:
> Similar to Petr's requirement, one might want to sign a new package
> which does not fit onto a floppy (think of gcc) but still keep the
> signing key at a safer place.  Yes, this does not make the signature
> in anyway safer but it protect the signing key better against
> misuse.

Ayup.  I read too much into Petr's "you don't trust server A enough to put
the key there".  I agree that there is a difference between "I trust server
A to not be tampered with and generate a good hash" and "I trust server A to
store my secret key there", and you have described a good example of that.


`Rhubarb is no Egyptian god.' Debian http://www.debian.org brinkmd at debian.org
Marcus Brinkmann              GNU    http://www.gnu.org    marcus at gnu.org
Marcus.Brinkmann at ruhr-uni-bochum.de

More information about the Gnupg-devel mailing list