* Ken Snider <ksnider at flarn.com> [2006-07-11 13:11:45]: > Matthew Toseland wrote: > >That's called "update over mandatory". There are two complications: > >1. We must be able to verify the signature on the update. We don't trust > >our peers *THAT* much that we'd deploy unsigned code from them! > >2. We must determine whether the revocation key has been blown. This > >means we must get a majority or universal verdict from a number of our > >peers on this fact. > > Can both of these not be solved with PKI? Simply signing the build with a > key under Freenet's control would solve the trust issue, and be verifiable > on a client independent of any network activity, yes? > > --Ken. SSKs are already using pubkey encryption ... the problem is that we can't verify it without metadatas...
and atm we don't have a "binary blob" exchangeable at DMT level NextGen$ -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: Digital signature URL: <https://emu.freenetproject.org/pipermail/tech/attachments/20060711/7e374023/attachment.pgp>
