LuKreme wrote:
> On 10-Dec-2008, at 20:36, SM wrote:
> >  
> > it's a hexadecimal number which identifies the key.
> 
> And the source of that number is, evidently, a complete mystery.
> That's my point.  I've seen lots of instructions like this:
> 
> # wget http://somesite.tld/somepath/GPG.KEY
> # sudo sa-update --import GPG.KEY
> # sudo sa-update --gpgkey 0E28B3DC --channel uber.rule.somesite.tld
> 
> where the '0E28B3DC' has just magically appeared as if created from
> the ether.
> 
> Do you see that there is a crucial step missing there?  Where did that
> gpgkey value come from?  If it wasn't provided in these instructions
> (like say you were looking for a ruleset at foo.bar.tld/GPG.KEY but
> hadn't yet discovered the page that had the magic hex code), how do
> you find it?  Can you generate it?  Is it simply a hash of the gpg
> keyfile, or something else?
> 
> It's a bit of "hey, now just fill in this number we hopefully have
> given you.  Don't worry about what it means, or how it works, or where
> it came from. Just copy&paste and you'll be fine."
> 
> Strangely enough, that does not fill me with the highest degree of
> confidence.  Not much more so than --nogpg.

It's almost like "Just download this key file and you'll be fine.  Don't
worry about where it came from, just put it in your keyring."

The point is that at some point you have to trust the source to give you
the correct information.  (Which, in the case of an encryption key or
key id, will look like a bunch of random numbers)


> > Because sa-update is designed to provide updates in a secure way.
> > If you want the simplest way, you can ignore these steps and face
> > the consequences when something goes wrong.
> 
> Oddly enough, I am able to encrypt emails, sign emails, verify signed
> mails,  login to ssh ports on remote servers and do a whole host of
> secure things without ever having encountered anything like this
> gpgkey.  I've added the key to the keychain as a trusted key, that is
> enough to make it secure.  How is this 8 digit hex code making
> anything any more secure?

Because it specifies WHICH key in your keyring is allowed to sign the
updates.

-- 
Bowie
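
Added example, not part of the original thread: for a version 4 OpenPGP key, the 8-digit hex value passed to --gpgkey is the low 32 bits of the key's fingerprint, which RFC 4880 section 12.2 defines as a SHA-1 over the public-key packet. The function names and the sample key below are constructed for illustration; the sample is not a real key.

```python
import hashlib
import struct

def packet_body(data: bytes) -> bytes:
    """Body of the leading public-key packet (tag 6) in a binary (dearmored) key."""
    hdr = data[0]
    if not hdr & 0x80:
        raise ValueError("not binary OpenPGP data (ASCII-armored? run gpg --dearmor)")
    if hdr & 0x40:                               # new-format packet header
        tag, first = hdr & 0x3F, data[1]
        if first < 192:
            off, length = 2, first
        elif first < 224:
            off, length = 3, ((first - 192) << 8) + data[2] + 192
        elif first == 255:
            off, length = 6, int.from_bytes(data[2:6], "big")
        else:
            raise ValueError("partial body lengths are not valid for key packets")
    else:                                        # old-format packet header
        tag, ltype = (hdr >> 2) & 0x0F, hdr & 0x03
        if ltype == 3:
            raise ValueError("indeterminate length not supported")
        off = 1 + (1 << ltype)                   # 1, 2 or 4 length octets
        length = int.from_bytes(data[1:off], "big")
    if tag != 6:
        raise ValueError("first packet is not a public key")
    return data[off:off + length]

def fingerprint(body: bytes) -> str:
    """V4 fingerprint: SHA-1 over 0x99, 2-byte body length, packet body."""
    if body[0] != 4:
        raise ValueError("only version 4 keys are handled here")
    return hashlib.sha1(b"\x99" + struct.pack(">H", len(body)) + body).hexdigest().upper()

def short_key_id(body: bytes) -> str:
    """The 8-hex-digit key ID: the low 32 bits of the fingerprint."""
    return fingerprint(body)[-8:]

def mpi(n: int) -> bytes:
    """OpenPGP multiprecision integer: 2-byte bit count, then big-endian bytes."""
    return struct.pack(">H", n.bit_length()) + n.to_bytes((n.bit_length() + 7) // 8, "big")

# Constructed sample (not a real key): version 4, creation time, RSA (algo 1), n, e.
SAMPLE_BODY = (bytes([4]) + struct.pack(">I", 1228953600) + bytes([1])
               + mpi((1 << 1023) | 12345) + mpi(65537))
SAMPLE_KEY = bytes([0x99]) + struct.pack(">H", len(SAMPLE_BODY)) + SAMPLE_BODY

if __name__ == "__main__":
    body = packet_body(SAMPLE_KEY)
    print("fingerprint:", fingerprint(body))
    print("--gpgkey   :", short_key_id(body))
```

A 32-bit ID is short enough that two different keys can share it, so the value worth comparing against what the rule publisher states is the full 40-digit fingerprint.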
