On Tuesday 13 February 2001 15:02, marcoghidinelli wrote:
> On Sat, Feb 10, 2001 at 02:52:57PM -0600, Bud Rogers wrote:
> > I have the same problem with Martin Schulze's sigs. I've retrieved
> > the debian keyring from the website and from my CD, I've manually
> > retrieved his key from public k
On Tue, Feb 13, 2001 at 09:28:49PM +, Jim Breton wrote:
> You don't need to assign any trust to these keys; it's enough to get the
> "Good signature..." output. As long as the signature verifies
> successfully (as it does in your example above), you know that the
> person who created the key
On Sat, Feb 10, 2001 at 07:54:49PM +0100, Carel Fellinger wrote:
> [-- PGP output follows (current time: Sat Feb 10 19:40:06 2001) --]
> gpg: Signature made Sat 10 Feb 2001 06:11:01 PM CET using DSA key ID EBF15399
> gpg: Good signature from "Marco Ghidinelli <[EMAIL PROTECTED]>"
> gpg: WARNING: Th
On Sat, Feb 10, 2001 at 07:54:49PM +0100, Carel Fellinger wrote:
> On Sat, Feb 10, 2001 at 06:11:01PM +0100, marcoghidinelli wrote:
> ...
> > for the debian-developer keys:
> > apt-get install debian-keyring
> >
>
> I've done this some time ago, but now I get:
>
> [-- PGP output follows (curren
On Sat, Feb 10, 2001 at 02:52:57PM -0600, Bud Rogers wrote:
> On Saturday 10 February 2001 12:54, Carel Fellinger wrote:
> > On Sat, Feb 10, 2001 at 06:11:01PM +0100, marcoghidinelli wrote:
> > ...
> >
> > > for the debian-developer keys:
> > > apt-get install debian-keyring
> >
> > I've done this
On Tuesday 13 February 2001 15:02, marcoghidinelli wrote:
> On Sat, Feb 10, 2001 at 02:52:57PM -0600, Bud Rogers wrote:
> > I have the same problem with Martin Schulze's sigs. I've retrieved
> > the debian keyring from the website and from my CD, I've manually
> > retrieved his key from public
On Tue, Feb 13, 2001 at 09:28:49PM +, Jim Breton wrote:
> You don't need to assign any trust to these keys; it's enough to get the
> "Good signature..." output. As long as the signature verifies
> successfully (as it does in your example above), you know that the
> person who created the key
On Sat, Feb 10, 2001 at 07:54:49PM +0100, Carel Fellinger wrote:
> [-- PGP output follows (current time: Sat Feb 10 19:40:06 2001) --]
> gpg: Signature made Sat 10 Feb 2001 06:11:01 PM CET using DSA key ID EBF15399
> gpg: Good signature from "Marco Ghidinelli <[EMAIL PROTECTED]>"
> gpg: WARNING: T
On Sat, Feb 10, 2001 at 02:52:57PM -0600, Bud Rogers wrote:
> On Saturday 10 February 2001 12:54, Carel Fellinger wrote:
> > On Sat, Feb 10, 2001 at 06:11:01PM +0100, marcoghidinelli wrote:
> > ...
> >
> > > for the debian-developer keys:
> > > apt-get install debian-keyring
> >
> > I've done this
On Sat, Feb 10, 2001 at 07:54:49PM +0100, Carel Fellinger wrote:
> On Sat, Feb 10, 2001 at 06:11:01PM +0100, marcoghidinelli wrote:
> ...
> > for the debian-developer keys:
> > apt-get install debian-keyring
> >
>
> I've done this some time ago, but now I get:
>
> [-- PGP output follows (curre
On Saturday 10 February 2001 12:54, Carel Fellinger wrote:
> On Sat, Feb 10, 2001 at 06:11:01PM +0100, marcoghidinelli wrote:
> ...
>
> > for the debian-developer keys:
> > apt-get install debian-keyring
>
> I've done this some time ago, but now I get:
>
> [-- PGP output follows (current time: Sat
On Sat, Feb 10, 2001 at 06:11:01PM +0100, marcoghidinelli wrote:
...
> for the debian-developer keys:
> apt-get install debian-keyring
>
I've done this some time ago, but now I get:
[-- PGP output follows (current time: Sat Feb 10 19:40:06 2001) --]
gpg: Signature made Sat 10 Feb 2001 06:11:01
On Saturday 10 February 2001 12:54, Carel Fellinger wrote:
> On Sat, Feb 10, 2001 at 06:11:01PM +0100, marcoghidinelli wrote:
> ...
>
> > for the debian-developer keys:
> > apt-get install debian-keyring
>
> I've done this some time ago, but now I get:
>
> [-- PGP output follows (current time: Sat
On Thu, Feb 08, 2001 at 07:30:08PM +, Jim Breton wrote:
> On Thu, Feb 08, 2001 at 08:22:47PM +0100, Christian Hammers wrote:
> > > Currently it won't. :-\ You would have to get the packages yourself
> > > and check the md5sums.
> > Which were of course altered by the cracker. Bad idea.
>
> N
On Sat, Feb 10, 2001 at 06:11:01PM +0100, marcoghidinelli wrote:
...
> for the debian-developer keys:
> apt-get install debian-keyring
>
I've done this some time ago, but now I get:
[-- PGP output follows (current time: Sat Feb 10 19:40:06 2001) --]
gpg: Signature made Sat 10 Feb 2001 06:11:01
On Thu, Feb 08, 2001 at 07:30:08PM +, Jim Breton wrote:
> On Thu, Feb 08, 2001 at 08:22:47PM +0100, Christian Hammers wrote:
> > > Currently it won't. :-\ You would have to get the packages yourself
> > > and check the md5sums.
> > Which were of course altered by the cracker. Bad idea.
>
>
On Thu, 08 Feb 2001, Christian Hammers wrote:
> > Currently it won't. :-\ You would have to get the packages yourself
> > and check the md5sums.
> Which were of course altered by the cracker. Bad idea.
Just subscribe to debian-devel-changes or debian-changes @lists.debian.org,
the .changes files
> Currently it won't. :-\ You would have to get the packages yourself
> and check the md5sums.
Which were of course altered by the cracker. Bad idea.
bye,
-christian-
--
Christian HammersWESTEND GmbH - Aachen und Dueren Tel 0241/701333-0
[EMAIL PROTECTED] Internet & Security for
Anybody know if apt will do any sort of verification of checksums or
anything to validate the package is from debian? I'm using apt to
automate priority security updates on several of my customers firewalls
and i'm curious that is somebody poisons some routes and/or dns caches, we could
have seriou
On Thu, 08 Feb 2001, Christian Hammers wrote:
> > Currently it won't. :-\ You would have to get the packages yourself
> > and check the md5sums.
> Which were of course altered by the cracker. Bad idea.
Just subscribe to debian-devel-changes or debian-changes @lists.debian.org,
the .changes file
> Currently it won't. :-\ You would have to get the packages yourself
> and check the md5sums.
Which were of course altered by the cracker. Bad idea.
bye,
-christian-
--
Christian HammersWESTEND GmbH - Aachen und Dueren Tel 0241/701333-0
[EMAIL PROTECTED] Internet & Security for
Anybody know if apt will do any sort of verification of checksums or
anything to validate the package is from debian? I'm using apt to
automate priority security updates on several of my customers firewalls
and i'm curious that is somebody poisons some routes and/or dns caches, we could
have serio
22 matches
Mail list logo
