-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 David Shaw wrote: > On Fri, Nov 04, 2005 at 02:24:09PM -0500, David Shaw wrote: > >>On Fri, Nov 04, 2005 at 10:15:16PM +0300, Pawel Shajdo wrote: >> >>>Salve! >>>Can somebody explain me what is "back signatures"? >>>Manual not very clear about this. >> >>It's a countermeasure against an attack against signing subkeys. >>Basically, the primary key signs all subkeys. With backsigs, the >>signing subkey also signs the primary key. >> >>Without this, an attacker can "steal" a signing subkey from someone >>else and try and pretend that a signature came from his own key. It's >>not a particularly good attack: the attacker can't issue signatures to >>prove his ownership. > > > I should add that this is a new feature for 1.4.3. >
Has 1.4.3 been officially released yet? - -- Alphax | /"\ Encrypted Email Preferred | \ / ASCII Ribbon Campaign OpenPGP key ID: 0xF874C613 | X Against HTML email & vCards http://tinyurl.com/cc9up | / \ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (MingW32) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iQEVAwUBQ2wkM7MAAH8MeUlWAQh2hAf9Fr3wbnvSaNFprkxJ/aSv2Fw9IQqqDF87 kbfSfA6tjPdzh6P6pIUCb3Fjy/or1s0BLwTM9snTmhjK6eggT9a2JB/L7jMdjkTf 47q5ZM79Oi8NSUkOCJT/9fEe0X+4lzPfXrjHLwfeFJ50NJxvBupPtzzzjElhlBfC oilO8eMzpT9FNgWaBJZIiOTANLRPgeN8NZS+AE4KKx/cSQZnCeoIrkVOxD7/HElm 6bfxZIsUFKDXMdOfJQJAhX+iBUtMjmU06/UDZlRV3unH8W8YDU4z6TlkCfwRihPj h4LzeRB+ZjrLSy6zd6U5zsANqzURTkGq7EiIPgZp/ulaDD9vBWDj1g== =g8ka -----END PGP SIGNATURE----- _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
