| 1 |
> I used the footnote numbers to reference the attacks. |
| 2 |
|
| 3 |
I am afraid, this might cause some confusion. The numbers you have used |
| 4 |
won't stay stable. Those were autogenerated numbers of footnotes. As |
| 5 |
footnotes change, these numbers change. To keep your post |
| 6 |
understandable, I created a snapshot before modifying footnotes: |
| 7 |
http://www.webcitation.org/6Wo9Cb2ox |
| 8 |
|
| 9 |
However, numbers (1), (2), (3), etc. that won't be automatically |
| 10 |
changed, have just been added now. |
| 11 |
|
| 12 |
Rick "Zero_Chaos" Farina: |
| 13 |
> webrsync-gpg would |
| 14 |
> appear to mitigate |
| 15 |
|
| 16 |
Actually, I was aware of it. The issue is, signing is not everything. |
| 17 |
Signatures need a validity range. Otherwise mirrors can also show half a |
| 18 |
year etc. old signatures that are valid. See also: |
| 19 |
http://blog.ganneff.de/blog/2008/09/23/valid-until-field-in-release-f.html |
| 20 |
|
| 21 |
> attacks 3, 11, and 12. |
| 22 |
|
| 23 |
There was no attack 3. Now, before we talk past each other, would you |
| 24 |
mind to repost by referencing attack by name or by their new, "real" |
| 25 |
numbers? |
| 26 |
|
| 27 |
Cheers, |
| 28 |
Patrick |
Archives