On Mon, 2002-12-30 at 20:03, E.B. Dreger wrote: > EC> can be omitted alltogether. Instead, you can (and probably > EC> should) download the key by hand and check the fingerprint > EC> offline (e.g. call friends). > > Likewise, one could have a centrally-distributed copy of the > hints file.
The difference is that the public key does not change [as often as the hints file may]. You may need to download and verify the public key only once in the lifetime of your server. And then check the hints file several times a year. Eugene _______________________________________________ cobalt-security mailing list [EMAIL PROTECTED] http://list.cobalt.com/mailman/listinfo/cobalt-security
