On Tue, 2003-02-04 at 18:27, Curt Sampson wrote:
> On Tue, 2003-02-04 at 16:13, Kurt Roeckx wrote:
> > On Tue, Feb 04, 2003 at 02:04:01PM -0600, Greg Copeland wrote:
> > >
> > > Even improperly used, digital signatures should never be worse than
> > > simple checksums.  Having said that, anyone that is trusting checksums
> > > as a form of authenticity validation is begging for trouble.
> >
> > Should I point out that a "fingerprint" is nothing more than a
> > hash?
> 
> Since someone already mentioned MD5 checksums of tar files versus PGP
> key fingerprints, perhaps things will become a bit clearer here if I
> point out that the important point is not that these are both hashes of
> some data, but that the time and means of acquisition of that hash are
> entirely different between the two.


And that it creates a verifiable chain of entities with direct
associations to people and hopefully, email addresses.  Meaning, it
opens the door for rapid authentication and validation of each entity
and associated person involved.  Again, something a simple MD5 hash does
not do or even allow for.  Perhaps even more importantly, it opens the
door for rapid detection of corruption in the system thanks to
revocation certificates/keys.  In turn, it allows for rapid repair in the
event that the worst is realized.  Again, something a simple MD5 does
not assist with in the least.


Thanks Curt.


-- 
Greg Copeland <[EMAIL PROTECTED]>
Copeland Computer Consulting
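
The point made in this thread about when and how a hash is acquired, as an added example that is not part of the original messages. It uses a Lamport one-time signature built from SHA-256 as a standard-library stand-in for PGP; the site layout, function names and release bytes are constructed for illustration.

```python
import hashlib, secrets

def H(b):
    return hashlib.sha256(b).digest()

# Lamport one-time signature: a stand-in for PGP, standard library only.
def keygen():
    sk = [[secrets.token_bytes(32), secrets.token_bytes(32)] for _ in range(256)]
    pk = [[H(a), H(b)] for a, b in sk]
    return sk, pk

def bits(msg):
    d = H(msg)
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]

def sign(sk, msg):
    return [sk[i][b] for i, b in enumerate(bits(msg))]

def verify(pk, msg, sig):
    return len(sig) == 256 and all(
        H(s) == pk[i][b] for i, (s, b) in enumerate(zip(sig, bits(msg))))

def fingerprint(pk):
    return H(b"".join(h for pair in pk for h in pair)).hex()

def publish(tarball, sk, pk):
    # Everything returned here sits on the download server beside the tarball.
    return {"tarball": tarball, "md5": hashlib.md5(tarball).hexdigest(),
            "pubkey": pk, "sig": sign(sk, tarball)}

def checksum_ok(site):
    # The reference hash is fetched at the same time, from the same place.
    return hashlib.md5(site["tarball"]).hexdigest() == site["md5"]

def signature_ok(site, pinned_fp):
    # pinned_fp was acquired earlier and by other means than this download.
    return (fingerprint(site["pubkey"]) == pinned_fp
            and verify(site["pubkey"], site["tarball"], site["sig"]))

def demo():
    sk, pk = keygen()
    pinned_fp = fingerprint(pk)  # obtained out of band, before any download
    good = publish(b"constructed release 1.0", sk, pk)
    # Server compromise: tarball, checksum, key and signature all replaced.
    evil_sk, evil_pk = keygen()
    bad = publish(b"constructed release 1.0 + backdoor", evil_sk, evil_pk)
    return {"good": (checksum_ok(good), signature_ok(good, pinned_fp)),
            "bad": (checksum_ok(bad), signature_ok(bad, pinned_fp))}

if __name__ == "__main__":
    print(demo())
```

The replaced tarball still passes the checksum test because its MD5 was replaced with it, while the signature test fails because the substituted key does not match the fingerprint acquired beforehand.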

