previously on this list Giancarlo Razzolini contributed: I believe that with the interdiction > programs that NSA has, and maybe also other governments, CD's can not be > entitled with the same trust as before.
Why would you have so much trust in the ether unless you have met someone with say a DNSSEC key or have a web of trust with someone you have met and that you trust and has met and swapped keys further up the line. The first key for DNSSEC is almost always untrusted, though you can use SSL to check the fingerprint. Surely it takes more resources for the NSA to get your particular CD? and surely you should be prioritising other concerns than the NSA anyway and would see the CD as a valuable extra authentication? Along the lines of what the OpenBSD manual says, if the black suits target you, do you really believe you can stop them? -- _______________________________________________________________________ 'Write programs that do one thing and do it well. Write programs to work together. Write programs to handle text streams, because that is a universal interface' (Doug McIlroy) In Other Words - Don't design like polkit or systemd _______________________________________________________________________
