Quote:
Originally Posted by jggimi
I thought I had done so an hour earlier, here.
|
By now you will have noticed that I'm a bit dense but I've a good excuse: I'm in my late 60s.
In your future replies to my posts, please do give me a bit of leeway.
Quote:
Originally Posted by jggimi
All that these systems do is prove that the person with the private key has signed the plaintext, and that it subsequently arrived without change. Any other comfort or feeling of safety you take beyond that simple fact is an assumption on your part.
No digital signature system, including the GPG toolset you are familiar with, can prevent that plaintext from attacks before it is signed, nor protect you if the person who has signed it is themselves a bad actor.
|
You're absolutely right and I totally agree with you on the above.
Quote:
Originally Posted by jggimi
This inherent weakness in established frameworks is one of the reasons that OpenBSD developed signify(1), as it limits the chain of trust to a single authority.
|
What is that single authority? Thanks in advance for your answer.