tech-security: Re: NetBSD Security Advisory 1999-003

Subject: Re: NetBSD Security Advisory 1999-003
To: matthew green <mrg@eterna.com.au>
From: Ingolf Koch <ingolf@djo-jena.de>
List: tech-security
Date: 02/16/1999 09:10:37

--YZ5djTAD1cGYuMQK
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: quoted-printable

Hi,

Sorry, this is a bit off-topic.

On Tue, Feb 16, 1999 at 03:50:21PM +1100, matthew green wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
>=20
>                  NetBSD Security Advisory 1999-003
[...]

I'm just wondering why there is a pgp signature for this
message made with a key which is not signed by anyone
itself. If there is no one saying that the key really
belongs to security-officer@netbsd.org, why should I
trust a message signed with this key more than an unsigned
message?

Regards
    Ingolf
--=20

Ingolf Koch                            Jena-Optronik GmbH
PGP: 0x7B3B5661  213C 828E 0C92 16B5  05D0 4D5B A324 EC04

--YZ5djTAD1cGYuMQK
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 5.0i for non-commercial use
MessageID: 4vwR4olW9fqmTofyZKytXU3YQ9sqcYX2

iQCVAwUBNskn+6x/qbJ7O1ZhAQG9dAQAypG3GXM667dEwrkaMwTmvyOIWK/Jw/Jg
d+UEnayakO85AKRcs5QTrddzYy2YShxdYKkbehMon7NywgP4ZcSr8VAWTtnl+ayI
oRvyXKV6rrETChdTYGgkmsOcEXBX0+p/4xEhX04esBSWWuZmyNh8xBR0O58WxAOp
H+nfe6uraiE=
=I5wG
-----END PGP SIGNATURE-----

--YZ5djTAD1cGYuMQK--