Scott G. Miller wrote:
> On Thu, Feb 07, 2036 at 02:06:24AM -0500, Ivan cool Tewell wrote:
>
>> What prevents someone from tampering freenet:KSK at blah by:
>>
>> 1. Finding the hash of the public key for the private key, hash("blah")
>> 2. Locating that in your local node
>> 3. Updating the encrypted text with the knowledge that the document name
>> (encryption key) is "blah"
>
>
> Nothing. This is why use of KSKs are strongly discouraged. You'd have to
> update the signature in the storable data too, but yes, it can be
> done. KSKs are the only non-secure keytype.
>
> Scott
>
Isn't it true, however, that, given any key of <i>any</i> keytype, one
could successfully tamper, becase, by their very nature, Freenet keys
must (a) give the user the knowledge to find the freenet search entry
(what's stored on your local node), and (b) allow the user to decrypt
that data?
Ivan.
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<https://emu.freenetproject.org/pipermail/devl/attachments/20010405/f51bbf36/attachment.html>
