Essentially yes, but we should automate this on a lower level for reasons of architecture, reliability, automation, etc.
On Sun, Feb 05, 2006 at 10:37:45PM +0100, freenetwork at web.de wrote: > >> If Toad or Ian (or anyone who knwos the private key of the freesite) is > >> arrested by the Police, they could force him to give the private key of > >> the freesite and blow every nodes... > > > >That's the major issue : what to do in case of a key compromission ? > > idea, no solution: > > have a row of images along the topside of the freesite, that point to SSK at > sskspaceofdeveloper#1/revoked.jpg with each a private ssk-keyspace for each > core person of freenetproject.org. > normally these images won't load but if one of the core persons think the > site is compromised they can upload this image, so even if the maintainer of > the site or the site's private key is lost/published it would be possible for > the other peoples to load up some big red > warning message images so the visitors can be aware of the "hacked" status of > the freesite > > >> I'm sure it can be solved easily ;-D > >Suggestions are welcome :) > > > >Creating a PKI and maintaining a CRL ... requiring builds to be signed > >by several devs... > > > >NextGen$ > >> > >> > >> What do you think about that ? -- Matthew J Toseland - toad at amphibian.dyndns.org Freenet Project Official Codemonkey - http://freenetproject.org/ ICTHUS - Nothing is impossible. Our Boss says so. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: Digital signature URL: <https://emu.freenetproject.org/pipermail/tech/attachments/20060206/908c4272/attachment.pgp>
