[pmwiki-users] Infected Cookbook Recipes?
mogulguy at yahoo.com
Mon Sep 22 09:31:22 CDT 2008
But in order to sign the files, the public key for the signature would have to be posted somewhere! Perhaps the author's profile page would be a good place to put that, the author could password protect this page? But if we do that, why not simply put the MD5 hashes on the author's profile page instead?
--- On Mon, 9/22/08, Christophe David <pmwiki at christophedavid.org> wrote:
> From: Christophe David <pmwiki at christophedavid.org>
> Subject: Re: [pmwiki-users] Infected Cookbook Recipes?
> To: "Hans" <design5 at softflow.co.uk>
> Cc: "PmWiki Users" <pmwiki-users at pmichaud.com>
> Date: Monday, September 22, 2008, 9:12 AM
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> > But it is quite a bit of extra work, and it forces a
> user to install
> > GPG in order to use the recipe.
> No: the user gets a .zip file containing the recipe that
> can be used
> directly. If *and only if* he wants to validate it, he can
> use GPG.
> The developer would just upload a zip file instead of a php
> Many files are already distributed on the internet with a
> file: look for example at PasswordSafe on
> Each file is supplied with a signature.
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.6 (GNU/Linux)
> -----END PGP SIGNATURE-----
> pmwiki-users mailing list
> pmwiki-users at pmichaud.com
More information about the pmwiki-users