On Thu, Feb 07, 2036 at 02:06:24AM -0500, Ivan cool Tewell wrote:
> What prevents someone from tampering freenet:KSK at blah by:
>
> 1. Finding the hash of the public key for the private key, hash("blah")
> 2. Locating that in your local node
> 3. Updating the encrypted text with the knowledge that the document name
> (encryption key) is "blah"
Nothing. This is why use of KSKs are strongly discouraged. You'd have to
update the signature in the storable data too, but yes, it can be
done. KSKs are the only non-secure keytype.
Scott
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 232 bytes
Desc: not available
URL:
<https://emu.freenetproject.org/pipermail/devl/attachments/20010404/8d8a6aa7/attachment.pgp>
