Full Disclosure mailing list archives
Re: iDEFENSE: Upcoming OpenSSH Security Advisory Anno Johnson)
From: starwars <nobody () tatooine homelinux net>
Date: Mon, 3 May 2004 23:14:02 +0200 (CEST)
At 02:04 PM 5/3/2004 -0400, Michael Sutton wrote:
*** PGP Signature Status: good *** Signer: Michael Sutton <msutton () idefense com> (Invalid) *** Signed: 5/3/2004 2:04:14 PM *** Verified: 5/3/2004 4:18:14 PM *** BEGIN PGP VERIFIED MESSAGE ***
It would be nice if this was message had been signed with a key that had someone else's signatures on the public key. I mean, at least it's self-signed, but can't you iDefense guys manage to sign each other's keys? Any moron could generate a key with your ID and self-sign it. This isn't the first iDefense spoof. When are you going to take non-repudiation more seriously? _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: iDEFENSE: Upcoming OpenSSH Security Advisory Anno Johnson) starwars (May 03)