Re: Don't use PGP/GPG signatures in mail that contains patches

From: Eric Wong
Date: Tue Jan 19 2016 - 16:15:40 EST

Next message: Jens Axboe: "[GIT PULL] Core block IO changes for 4.5"
Previous message: Mark Brown: "Re: [RFC PATCH v2 0/4] CPUs capacity information for heterogeneous systems"
In reply to: Andrey Utkin: "Re: Don't use PGP/GPG signatures in mail that contains patches"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Andrey Utkin <andrey.od.utkin@xxxxxxxxx> wrote:
> But still, if we encourage signing maillist correspondence, we would
> avoid impersonation attacks. Imagine that somebody sends stupid
> submissions from your name, maintainers shout at you, and your
> reputataion is... changed. Of course, you will be able to sort things
> out after you read the replies and reply that it's not you. But, given
> to openness of maillists, the attacker is able to follow your replies
> and insert his ones. Or to reply to your valid submissions that they are
> not from you.

Is impersonation an actual problem on vger.kernel.org lists?
Reply-to-all conventions on these lists do a great deal to discourage them.

Next message: Jens Axboe: "[GIT PULL] Core block IO changes for 4.5"
Previous message: Mark Brown: "Re: [RFC PATCH v2 0/4] CPUs capacity information for heterogeneous systems"
In reply to: Andrey Utkin: "Re: Don't use PGP/GPG signatures in mail that contains patches"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]