[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Tor Privacy Live CD by the Tor Team

No, they don't have to give their private key out to do so. They can
all sign without risking losing the security of the key.
Comrade Ringo Kamens

On 6/21/07, Benjamin Schieder <blindcoder@xxxxxxxxxxxxxxxxxxxx> wrote:
On 21.06.2007 14:38:37, Ringo Kamens wrote:
> There are already several CDs like this such as RockAte, anonym.os,
> etc. It would be nice if the developers could sign the release so we
> could verify the authenticity of the Tor copies.

Signatures are meaningless if they're on the same physical computer. Anyone
compromising the server hosting both will easily change both.

Benjamin 'blindCoder' Schieder
Registered Linux User #289529: http://counter.li.org
finger blindcoder@xxxxxxxxxxxxxxxxxxxx | gpg --import
http://www.rocklinux.org/ The Distribution Build Kit