incubator-general mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Daniel Shahaf <...@daniel.shahaf.name>
Subject Re: Key security (Re: KEYS and releases)
Date Tue, 28 Jun 2011 13:33:37 GMT
Nick Kew wrote on Tue, Jun 28, 2011 at 14:13:51 +0100:
> As of now, how would you know if I were to smuggle in a key
> pretending to be yours and start signing things?

Don't stop here.  If you can smuggle a signature into dist/ then
you can smuggle an artefact too.  

---------------------------------------------------------------------
To unsubscribe, e-mail: general-unsubscribe@incubator.apache.org
For additional commands, e-mail: general-help@incubator.apache.org


Mime
View raw message