| From: | "Andrew Dunstan" <andrew(at)dunslane(dot)net> |
|---|---|
| To: | "Kurt Roeckx" <Q(at)ping(dot)be> |
| Cc: | "PostgreSQL Hackers" <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: PGP signing releases |
| Date: | 2003-02-05 01:40:57 |
| Message-ID: | 001f01c2ccb7$a1d50950$6401a8c0@DUNSLANE |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
----- Original Message -----
From: "Kurt Roeckx" <Q(at)ping(dot)be>
>
> Should I point out that a "fingerprint" is nothing more than a
> hash?
>
If somebody shows you their passport to prove who they are and then gives
you a fingerprint of their PGP key, they have implicitly signed that
fingerprint. By contrast, a simple MD5 checksum of a binary sitting on the
same server is effectively unsigned.
You might like to do a little reading on PKI and how it works, before you
make further comment.
cheers
andrew
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tatsuo Ishii | 2003-02-05 02:32:36 | Re: POSIX regex performance bug in 7.3 Vs. 7.2 |
| Previous Message | Christopher Kings-Lynne | 2003-02-05 01:38:30 | Re: [GENERAL] HELP NEEDED: Recreating DROP columns |