[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <m3zkheau9i.fsf@intrepid.localdomain>
Date: Thu, 06 Oct 2011 19:45:45 +0200
From: Krzysztof Halasa <khc@...waw.pl>
To: Mark Brown <broonie@...nsource.wolfsonmicro.com>
Cc: Jon Masters <jonathan@...masters.org>, Valdis.Kletnieks@...edu,
Adrian Bunk <bunk@...sta.de>,
"Frank Ch. Eigler" <fche@...hat.com>,
"H. Peter Anvin" <hpa@...or.com>,
"Rafael J. Wysocki" <rjw@...k.pl>,
Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
Greg KH <gregkh@...e.de>
Subject: Re: kernel.org status: establishing a PGP web of trust
Mark Brown <broonie@...nsource.wolfsonmicro.com> writes:
> A common approach to this for at least the e-mail portion of the address
> is to sign the ID with the address and then mail the signed key
> encrypted to the address, deleting all local copies and requiring that
> the recipient publish the signature. This at least demonstrates that
> the owner of the key can read mail at that address.
The assumption here is the attacker can read (and write) victim's email.
It's not about verifying email access or address.
--
Krzysztof Halasa
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists