On Sat, Nov 05, 2005 at 01:47:08PM +1030, Alphax wrote: > David Shaw wrote: > > On Fri, Nov 04, 2005 at 02:24:09PM -0500, David Shaw wrote: > > > >>On Fri, Nov 04, 2005 at 10:15:16PM +0300, Pawel Shajdo wrote: > >> > >>>Salve! > >>>Can somebody explain me what is "back signatures"? > >>>Manual not very clear about this. > >> > >>It's a countermeasure against an attack against signing subkeys. > >>Basically, the primary key signs all subkeys. With backsigs, the > >>signing subkey also signs the primary key. > >> > >>Without this, an attacker can "steal" a signing subkey from someone > >>else and try and pretend that a signature came from his own key. It's > >>not a particularly good attack: the attacker can't issue signatures to > >>prove his ownership. > > > > > > I should add that this is a new feature for 1.4.3. > > > > Has 1.4.3 been officially released yet?
Not yet, no. David _______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
