On Fri, Mar 25, 2011 at 10:38 PM, Alec Warner wrote:
> Coming back around to the earlier discussion of Alice who has her key
> signed by robbat2 (because he loves keysigning parties) and then Alice
> breaks into cvs.gentoo.org and commits evil code into the tree. If we
> cannot stop this attack because we are relying on a chain of trust
> (and Alice is in the chain) can we at least detect the attack?

verifying identity isn't the same as listing who we trust. this is the
point Robin is making when he says he wants to list all trusted keys
in LDAP. from there, we could create a file signed by an infra "tree
key" and keep only the trusted keys in it.
-mike