[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Savannah-dev] [bug #4663] Sign security important announcements
From: |
nobody |
Subject: |
[Savannah-dev] [bug #4663] Sign security important announcements |
Date: |
Tue, 30 Sep 2003 04:01:17 -0400 |
User-agent: |
Mozilla/5.0 (compatible; Konqueror/3; Linux 2.4.18-27.7.x.cern; i686) |
=================== BUG #4663: LATEST MODIFICATIONS ==================
http://savannah.gnu.org/bugs/?func=detailbug&bug_id=4663&group_id=11
Changes by: Mathieu Roy <address@hidden>
Date: mar 30.09.2003 à 10:01 (Europe/Paris)
------------------ Additional Follow-up Comments ----------------------------
Maybe the one who post the item should just sign with his own key?
What kind of trouble can it pose?
=================== BUG #4663: FULL BUG SNAPSHOT ===================
Signalé par: jas Projet: Savannah
Signalé le: ven 08.08.2003 à 00:00
Category: Project Web site Severity: 1 - Enhancement
Priority: Low Resolution: Works for me
Assigned to: yeupou Status: Open
Fixed Release:
Summary: Sign security important announcements
Original Submission: Announcements such as the SSH host key change should be
changed, e.g. by a PGP signing key shared among the core administrators.
(If you want to get advanced, use one of the "key sharing" techniques so that
e.g. 3 out of 5 core members must participate to generate the signed
announcement. This reduces the chance that someone can attack one of the
administrators to gain the savannah announcement key. I'm not sure GnuPG
support this yet though.)
Follow-up Comments
*******************
-------------------------------------------------------
Date: mar 30.09.2003 à 10:01 By: yeupou
Maybe the one who post the item should just sign with his own key?
What kind of trouble can it pose?
-------------------------------------------------------
Date: mar 02.09.2003 à 09:09 By: yeupou
Interesting, we will document this procedure.
La liste CC est vide
Il n'y a aucun fichier attaché actuellement
For detailed info, follow this link:
http://savannah.gnu.org/bugs/?func=detailbug&bug_id=4663&group_id=11
_______________________________________________
Message sent via/by Savannah
http://savannah.gnu.org/