[OT] Why kill a private key publicly?
Georgi Guninski
guninski at guninski.com
Wed Jul 13 09:49:48 PDT 2016
On Wed, Jul 13, 2016 at 01:04:59AM -0600, Mirimir wrote:
> OK, let's see if you can spoof my email address, and produce a signed
> message with a valid signature :)
>
Spoofing your email detectably is trivial, e.g. with netcat by hand.
If I could sign in your name, why kill your private key publicly,
scaring gpg lusers? Wouldn't it be better for me to profit from your
private key?
IMHO for the majority of lusers, getting their private key is not
related to crypto, more to apps sploits.
lol, just trolling ;)
@juan: denying you wrote something signed is possible too. just revoke
the key, claiming hax0r attack. for plausibility you can leak the
private signing key (assuming it is worthless as it should be on ML).
More information about the cypherpunks
mailing list