| 1 |
On Friday 26 March 2004 23:03, Patrick Lauer wrote: |
| 2 |
> I could also use my baseball bat to convince you to give me the key. |
| 3 |
> So the difference between physical access to the machine and to the |
| 4 |
> developer is at a comparable level of difficulty. |
| 5 |
> |
| 6 |
> The weak spot of all systems seems to be the presence of a "master" key. |
| 7 |
> If there was a finite number (maybe 5) of equal "master" keys the |
| 8 |
> compromise of one key would not "break" the system completely, but I'm |
| 9 |
> not aware of any multi-key protocols. |
| 10 |
|
| 11 |
The scheme I proposed should work with multiple master keys. It would require |
| 12 |
more organization to get the montly intermediate keys signed, but it is easy |
| 13 |
to require that a key is signed by 5 keys instead of one. |
| 14 |
|
| 15 |
Paul |
| 16 |
|
| 17 |
-- |
| 18 |
Paul de Vrieze |
| 19 |
Gentoo Developer |
| 20 |
Mail: pauldv@g.o |
| 21 |
Homepage: http://www.devrieze.net |
Archives