On Friday 26 March 2004 23:03, Patrick Lauer wrote:
> I could also use my baseball bat to convince you to give me the key.
> So the difference between physical access to the machine and to the
> developer is at a comparable level of difficulty.
>
> The weak spot of all systems seems to be the presence of a "master" key.
> If there was a finite number (maybe 5) of equal "master" keys the
> compromise of one key would not "break" the system completely, but I'm
> not aware of any multi-key protocols.
|
The scheme I proposed should work with multiple master keys. It would require
more organization to get the monthly intermediate keys signed, but it is easy
to require that a key is signed by 5 keys instead of one.
|
Paul
|
--
Paul de Vrieze
Gentoo Developer
Mail: pauldv@g.o
Homepage: http://www.devrieze.net