Gentoo Archives: gentoo-security

From:	Klaus Wagner <klaus@××××××××××.net>
To:	Antoine Martin <antoine@××××××××××.uk>
Cc:	Jason Stubbs <jstubbs@××××××××××.jp>, gentoo-security@l.g.o
Subject:	Re: [gentoo-security] Re: Out of air
Date:	Wed, 10 Nov 2004 12:58:06
Message-Id:	`20041110125531.GA13071@aeon.user.lan.at`
In Reply to:	Re: [gentoo-security] Re: Out of air by Antoine Martin

1	On Wed, Nov 10, 2004 at 12:54:44PM +0000, Antoine Martin wrote:
2	> I think we all admit it may take some time, but we are talking about the
3	> quick and dirty solution as a stop-gap measure, nothing else.
4	> And if the better solution takes more than 1.5years to roll out, backup
5	> plans are just common sense - not criticism.
6	>
7	>
8	> I is just a cron job and a script, how would that double the amount of
9	> work in the future?!?
10
11	I really don't see how this is greatly improving security.
12	A cronjob, that is AUTOMATICALLY signing everything it get's
13	wouldn't make me happy.
14
15	Security, is not only signation and cryptography.
16	When it comes to signation, I have to trust every point
17	in the process, and I don't trust cronjobs and "in memory"
18	passphrases, or even worse unprotected private keys.
19
20	regards klaus
21
22
23	--
24	gentoo-security@g.o mailing list

Subject	Author
Re: [gentoo-security] Re: Out of air	Antoine Martin <antoine@××××××××××.uk>
Re: [gentoo-security] Re: Out of air	Andreas Waschbuesch <awaschb@××××.de>