Time to resurrect multi-key signatures in RPM?
Bojan Smojver
bojan at rexursive.com
Thu Aug 28 11:15:20 UTC 2008
On Thu, 2008-08-28 at 12:48 +0200, Nils Philippsen wrote:
> I don't know if they do that at all or with everybody, in fact I'm
> pretty sure they will accept the IDs at face value. Maybe they verify
> old documents that don't have all the gizmos that make the ID hard to
> fake today. I just wanted to point out that they can do that.
Yeah, it's like customs. You can scrape by, but if they do cross-check,
you're history if you have nasties in your bag :-)
> All this doesn't help much if somebody manages to feed the process with
> corrupt data in the beginning
I think I mentioned already that such a thing would be (obviously)
beyond the scope of this.
But look, it is obvious that we (and by this I mean myself and the
majority of people in the thread) have fundamentally contradicting views
about this, so let's agree to disagree, OK? I don't want to drag this
forever.
Consider my proposal withdrawn.
--
Bojan
More information about the devel
mailing list