[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: "You aren't following the _rules_!"
From: [email protected] (Arsen Ray Arachelian)
I agree with Tim on this. There's no way I'm going to leave PGP on
poly's machines with the key right there for anyone who manages to
hack into photon or prism (and yes, it has happened) to set up a fake
pgp asking for the passphrase to my key.
Your key, singular? Keys are cheap! Everyone should have a bundle.
In addition, since I'm not planning on verifying the signatures at the
server, you are free to fake them. Of course, if you fake them,
you'll have to set up just about the same amount of software as if you
used real crypto. Since so much of deployment delay comes from bad
architecture, I consider setting up to fake a good thing.
Eric