| 1 |
On Fri, Mar 25, 2011 at 10:38 PM, Alec Warner wrote: |
| 2 |
> Coming back around to the earlier discussion of Alice who has her key |
| 3 |
> signed by robbat2 (because he loves keysigning parties) and then Alice |
| 4 |
> breaks into cvs.gentoo.org and commits evil code into the tree. If we |
| 5 |
> cannot stop this attack because we are relying on a chain of trust |
| 6 |
> (and Alice is in the chain) can we at least detect the attack? |
| 7 |
|
| 8 |
verifying identity isnt the same as listing who we trust. this is the |
| 9 |
point Robin is making when he says he wants to list all trusted keys |
| 10 |
in LDAP. from there, we could create a file signed by an infra "tree |
| 11 |
key" and keep only the trusted keys in it. |
| 12 |
-mike |
Archives