|
Home > Archive > Debian Developers > October 2004 > An important lesson
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
An important lesson
|
|
|
|
|
|
| Adrian 'Dagurashibanipal' von Bidder 2004-10-28, 5:52 pm |
| | |
| Stuart Yeates 2004-10-28, 5:52 pm |
| Matthew Garrett wrote:
> Developers, do not allow
>
> http://www.google.com/search?q=inurl%3Asecring.gpg
>
> to happen to you.
I haven't checked lately, but at least some of those used to be:
(a) secret keys used in regression tests,
(b) honeypots and
(c) findable via google but not downloadable
cheers
stuart
--
Stuart Yeates stuart.yeates@computing-services.oxford.ac.uk
OSS Watch http://www.oss-watch.ac.uk/
Oxford Text Archive http://ota.ahds.ac.uk/
Humbul Humanities Hub http://www.humbul.ac.uk/
--
To UNSUBSCRIBE, email to debian-devel-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
| |
| Scott James Remnant 2004-10-28, 5:52 pm |
| On Thu, 2004-10-28 at 18:08 +0200, Adrian 'Dagurashibanipal' von Bidder
wrote:
> On Thursday 28 October 2004 16.40, Matthew Garrett wrote:
>
> I guess this was unavoidable in a posting about a security related issue
> with GnuPG...
>
Verifies fine here.
Scott
--
Have you ever, ever felt like this?
Had strange things happen? Are you going round the twist?
| |
| Don Armstrong 2004-10-28, 8:47 pm |
| On Thu, 28 Oct 2004, Scott James Remnant wrote:
> On Thu, 2004-10-28 at 18:08 +0200, Adrian 'Dagurashibanipal' von Bidder
> wrote:
> Verifies fine here.
If you ignore the:
gpg: WARNING: This key has been revoked by its owner!
gpg: This could mean that the signature is forgery.
gpg: reason for revocation: Key has been compromised
gpg: revocation comment: Compromised on the uid/gid remapping on alioth
perhaps.
Don Armstrong
--
Quite the contrary; they *love* collateral damage. If they can make
you miserable enough, maybe you'll stop using email entirely. Once
enough people do that, then there'll be no legitimate reason left for
anyone to run an SMTP server, and the spam problem will be solved.
Craig Dickson <crdic@pacbell.net>
http://www.donarmstrong.com http://rzlab.ucr.edu
--
To UNSUBSCRIBE, email to debian-devel-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
| |
| Adrian 'Dagurashibanipal' von Bidder 2004-10-29, 2:49 am |
| | |
| Scott James Remnant 2004-10-29, 7:48 am |
| On Thu, 2004-10-28 at 16:57 -0700, Don Armstrong wrote:
> On Thu, 28 Oct 2004, Scott James Remnant wrote:
>
> If you ignore the:
>
> gpg: WARNING: This key has been revoked by its owner!
> gpg: This could mean that the signature is forgery.
> gpg: reason for revocation: Key has been compromised
> gpg: revocation comment: Compromised on the uid/gid remapping on alioth
>
> perhaps.
>
Heh, had to refresh the key to get *that* :D I already had that key in
my keyring unrevoked.
Scott
--
Have you ever, ever felt like this?
Had strange things happen? Are you going round the twist?
|
|
|
|
|