1995-10-04 - Re: Netscape finally issuing md5sums/pgp signed binaries ? (was Re: NetScape’s dependence upon RSA down for the count!)

Header Data

From: Derek Atkins <warlord@MIT.EDU>
To: “Jeff Weinstein” <jsw@netscape.com>
Message Hash: df31985917201b6ad595d676baaaa5642e945ad03cf9dc93c71e9d97c63354ec
Message ID: <199510040123.VAA11236@toxicwaste.media.mit.edu>
Reply To: <9510031403.ZM151@tofuhut>
UTC Datetime: 1995-10-04 01:23:46 UTC
Raw Date: Tue, 3 Oct 95 18:23:46 PDT

Raw message

From: Derek Atkins <warlord@MIT.EDU>
Date: Tue, 3 Oct 95 18:23:46 PDT
To: "Jeff Weinstein" <jsw@netscape.com>
Subject: Re: Netscape finally issuing md5sums/pgp signed binaries ? (was Re: NetScape's dependence upon RSA down for the count!)
In-Reply-To: <9510031403.ZM151@tofuhut>
Message-ID: <199510040123.VAA11236@toxicwaste.media.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain


>   Yes, I get the idea about spewing the signed hashes everywhere.  The
> problem I have is with the user of PGP.  That will help cypherpunks,
> but does absolutely nothing for most of our millions of users, who
> have no idea what PGP is.  Perhaps its enough to assume that if anyone
> is tampering with the distribution, some cypherpunk will stumble across
> it...

If nothing else, Jeff, it will expose those "millions of users, who
have no idea what PGP is" to PGP.  And, hopefully, some of those
"millions of users" might even take the time to grab PGP and take a
look at that, too.

In other words, there is nothing to lose (except a little bit of time
and effort, and a small amount of storage space) and there is a heck
of a lot to gain by including PGP signatures.

-derek

Thread

• Return to October 1995

• Return to “Derek Atkins <warlord@MIT.EDU>”
• Return to “jbass@dmsd.com (John L. Bass)”
• Return to ““Jeff Weinstein” <jsw@netscape.com>”
• Return to “Jiri Baum <jirib@sweeney.cs.monash.edu.au>”
• Return to “jsw@neon.netscape.com (Jeff Weinstein)”
• Return to “Laurent Demailly <dl@hplyot.obspm.fr>”
• Return to “Rick Busdiecker <rfb@lehman.com>”

• Return to “sameer <sameer@c2.org>”

• 1995-10-03 (Mon, 2 Oct 95 18:48:00 PDT) - Re: NetScape’s dependence upon RSA down for the count! - jbass@dmsd.com (John L. Bass)
  • 1995-10-03 (Mon, 2 Oct 95 19:48:34 PDT) - Netscape finally issuing md5sums/pgp signed binaries ? (was Re: NetScape’s dependence upon RSA down for the count!) - Laurent Demailly <dl@hplyot.obspm.fr>
  • 1995-10-03 (Mon, 2 Oct 95 23:34:59 PDT) - Re: Netscape finally issuing md5sums/pgp signed binaries ? (was Re: NetScape’s dependence upon RSA down for the count!) - jsw@neon.netscape.com (Jeff Weinstein)
  • 1995-10-03 (Tue, 3 Oct 95 10:20:40 PDT) - Re: Netscape finally issuing md5sums/pgp signed binaries ? (was Re: NetScape’s dependence upon RSA down for the count!) - Laurent Demailly <dl@hplyot.obspm.fr>
  • 1995-10-03 (Tue, 3 Oct 95 14:07:15 PDT) - Re: Netscape finally issuing md5sums/pgp signed binaries ? (was Re: NetScape’s dependence upon RSA down for the count!) - “Jeff Weinstein” <jsw@netscape.com>
    • 1995-10-04 (Tue, 3 Oct 95 17:29:31 PDT) - Strong authentication for Netscape distributions - Rick Busdiecker <rfb@lehman.com>
    • 1995-10-04 (Tue, 3 Oct 95 18:23:46 PDT) - Re: Netscape finally issuing md5sums/pgp signed binaries ? (was Re: NetScape’s dependence upon RSA down for the count!) - Derek Atkins <warlord@MIT.EDU>
    • 1995-10-04 (Tue, 3 Oct 95 19:20:58 PDT) - Re: Netscape finally issuing md5sums/pgp signed binaries ? (was Re: NetScape’s dependence upon RSA down for the count!) - Jiri Baum <jirib@sweeney.cs.monash.edu.au>
      • 1995-10-04 (Tue, 3 Oct 95 20:06:30 PDT) - Re: Netscape finally issuing md5sums/pgp signed binaries ? (was Re: NetScape’s dependence upon RSA down for the count!) - sameer <sameer@c2.org>