* christophe barbé
| On Fri, Apr 12, 2002 at 11:02:15AM +0200, Tollef Fog Heen wrote:
| > * Manoj Srivastava
| >
| > | David> 4) Posted the NEW public key (C5A76BF6) to the following:
| > | David> 1) public keyservers
| > | David> 2) debian-devel@lists.debian.org
| > | D
>>"Tollef" == Tollef Fog Heen <[EMAIL PROTECTED]> writes:
Tollef> * Manoj Srivastava
David> 4) Posted the NEW public key (C5A76BF6) to the following:
David> 1) public keyservers
David> 2) debian-devel@lists.debian.org
David> 3) Main upstream source site for affected packages
>>
>> Have yo
On Fri, Apr 12, 2002 at 11:02:15AM +0200, Tollef Fog Heen wrote:
> * Manoj Srivastava
>
> | David> 4) Posted the NEW public key (C5A76BF6) to the following:
> | David> 1) public keyservers
> | David> 2) debian-devel@lists.debian.org
> | David> 3) Main upstr
* Manoj Srivastava
| David> 4) Posted the NEW public key (C5A76BF6) to the following:
| David> 1) public keyservers
| David> 2) debian-devel@lists.debian.org
| David> 3) Main upstream source site for affected packages
|
| Have you done anything
>>"christophe" == christophe barbé <[EMAIL PROTECTED]> writes:
christophe> Would it be possible for the new 'David D.W. Downey' to
christophe> hijack the identity of the old 'David D.W. Downey' and
christophe> then upload packages without getting his new key signed
christophe> by a dd ?
Em Thu, 11 Apr 2002 16:00:41 -0400, christophe barbé
<[EMAIL PROTECTED]> escreveu:
> Would it be possible for the new 'David D.W. Downey' to hijack the
> identity of the old 'David D.W. Downey' and then upload packages without
> getting his new key signed by a dd ?
no no, he needs to get his key
On Thu, Apr 11, 2002 at 11:47:33AM -0500, Manoj Srivastava wrote:
> Have you done anything that I can't do as well right now? I
> mean, I can download your old key, create a new one, and do all you
> have outlined?
>
> manoj
Because I am not yet an official dd (I am waiting for the
On Thu, Apr 11, 2002 at 03:39:33AM +0100, Mark Brown wrote:
> On Wed, Apr 10, 2002 at 07:10:28PM -0700, David D. W. Downey wrote:
>
> > Not much more I can do since the old secret key and public keyrings were
> > lost. It's going to have to suffice as I have taken every step possible
> > to ensure
>>"David" == David D W Downey <[EMAIL PROTECTED]> writes:
David> So far I've done the following
David> 1) Replaced the OLD key (42D8F306) with the NEW one (C5A76BF6).
Replaced where?
David> 2) Signed the OLD public key (42D8F306) with the NEW one (C5A76BF6).
David> 3) Posted the OL
On Wed, Apr 10, 2002 at 07:10:28PM -0700, David D. W. Downey wrote:
> Not much more I can do since the old secret key and public keyrings were
> lost. It's going to have to suffice as I have taken every step possible
> to ensure that the chain of events was totally and completely documented
> both
On Wed, Apr 10, 2002 at 07:10:28PM -0700, David D. W. Downey wrote:
> Not much more I can do since the old secret key and public keyrings were
> lost. It's going to have to suffice as I have taken every step possible
> to ensure that the chain of events was totally and completely documented
> both
On Wed, Apr 10, 2002 at 09:16:26PM -0400, christophe barb? wrote:
> I don't see how we can be sure that you (the new-key owner) are you (the
> old-key owner).
>
> As I understand it, this kind of "chain of establishment" can only work
> if you sign your new key with your old one. But IIUC you lost
On Wed, Apr 10, 2002 at 04:40:03PM -0700, David D. W. Downey wrote:
> For the purposes of consistency, I've signed the old lost key with the new
> key and posted both keys to the keyservers.
...
> I'm hereby using these emails, the signature on the old key as sent to
> the keyservers, and the we
13 matches
Mail list logo
