gpgsm and expired certificates
Filip M. Nowak
gnupg at oneiroi.net
Sat Nov 2 20:33:35 CET 2013
On 02.11.2013 20:20, Peter Lebbing wrote:
> On 02/11/13 19:48, Uwe Brauer wrote:
>> So either you claim to have evidence that this modules have been hacked
>> and the key pair is transferred to some of these evil organisations or I
>> really don't see your point.
>
> I think the most common way for an X.509 CA to be deceitful is by giving someone
> else a certificate with your name on it, not by stealing your key.
>
> (...)
Not mentioning giving away (actually signing) intermediate CA keys.
Cheers,
Filip
More information about the Gnupg-users
mailing list