Le Thu, Feb 01, 2024 at 10:38:03AM +0100, Simon Josefsson a écrit : > Hi > > I'm exploring how to defend against an attacker who can create valid > signatures for cryptographic private keys (e.g., PGP) that users need to > trust when using an operating system such as Debian. A signature like > that can be used in a targetted attacks against one victim. > > For example, apt does not have any protection against this threat > scenario,
Is not apt-key a protection ? Cheers, -- Bill. <ballo...@debian.org> Imagine a large red swirl here.