Re: 2 security issues
From: Seth Arnold (sarnold@wirex.com)Date: 12/13/01
- Previous message: David Chin: "Re: Postfix/Exim Security"
- In reply to:(deleted message) mike ledoux: "Re: 2 security issues"
- Next in thread: Robin Lynn Frank: "Re: 2 security issues"
- Next in thread: Dave Vehrs: "RE: 2 security issues"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 13 Dec 2001 13:30:59 -0800 From: Seth Arnold <sarnold@wirex.com> To: Focus on Linux Mailing List <focus-linux@securityfocus.com>
On Wed, Dec 12, 2001 at 03:12:50PM -0500, mike ledoux wrote:
> > Just remember that anything that can be automatically done, can be
> > automatically "un-done". That's like locking the door but leaving the key
> > under the mat.
>
> I don't believe that is true in this case. For GPG to encrypt to a key,
> it only needs the public key; to decrypt it needs both the private key
> and the passphrase. As long as the machine doing the encrypting doesn't
> have a copy of the private key, it should be quite difficult for someone
> to automatically undo the encryption.
I interpreted this original response along the lines of, "Note that you
can automate the encrypting process, but someone else might come along,
and either remove it, or save originals someplace else.."
Cheers
-- The Bill of Rights: 7 out of 10 rights haven't been sold yet! Contact your congressman for details how *you* can buy one today!
- application/pgp-signature attachment: stored
- Previous message: David Chin: "Re: Postfix/Exim Security"
- In reply to:(deleted message) mike ledoux: "Re: 2 security issues"
- Next in thread: Robin Lynn Frank: "Re: 2 security issues"
- Next in thread: Dave Vehrs: "RE: 2 security issues"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
