27 Dec
2011
27 Dec
'11
02:32
On Mon, Dec 26, 2011 at 9:27 PM, Cristian Rodríguez <crrodriguez@opensuse.org> wrote:
On 26/12/11 18:45, Claudio Freire wrote:
In order to sign entries, the logging daemon needs to have the keys.
There are no keys...looks like nobody has bothered to read anything at all. :-|
It uses chained hashes. Keyed or not, don't remember. If they're not keyed, anyone can falsify records, they only have to rewrite all hashes. So I assume they're keyed. If they are, my earlier point holds. Hence, no security in any case. -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org