On Thu, Nov 14, 2002 at 06:38:55PM -0800, Ian Clarke wrote: > On Thu, Nov 14, 2002 at 06:02:48PM -0800, Scott Miller wrote: > > If you guys want to be super paranoid about this, we can use a > > secret-sharing scheme or just multiple signatures, but store the private > > keys on physical security tokens (such as http://www.ibutton.com). > > That wouldn't prevent someone from tricking a developer or developers > into signing a modified jar.
"Tricking"? For the record, my price is $10,000. -- Oskar Sandberg [EMAIL PROTECTED] _______________________________________________ devl mailing list [EMAIL PROTECTED] http://hawk.freenetproject.org/cgi-bin/mailman/listinfo/devl