Oskar Sandberg writes: > Note also that signatures have absolutely no value unless the root of > the authenication, in this case the fingerprint, is received from some > other source then the message itself. In SSK URIs, the signatures verify > that the data you receive is that which your source of the URI intended > you to get - I haven't really been paying attention to this discussion, > but if these messages are just being broadcast around, what good will > the signature do anyone?
The idea is if you've listened to a channel at least once, you can verify that a rebroadcast message is from that channel. If not, it's a random message from a random nym. Hint: There's no solid authentication from a SSK either. Anyone can generate a keypair and begin publishing. --Dan _______________________________________________ devl mailing list [EMAIL PROTECTED] http://hawk.freenetproject.org/cgi-bin/mailman/listinfo/devl
