[WikiEN-l] Encrypted challenge-responses for PGP/GPG key users
Avi
avi.wiki at gmail.com
Tue May 8 16:59:40 UTC 2007
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
With all of the password hacking that has been occurring, the issue of
re-sysopping users is being discussed on WP:ANI.
For admins with PGP/GPG keys, one suggested method for confirming that the
admin him or herself has regained control of the account (or is behind the
new e-mail) is to use that key to verify the person.
Of course, this only works if the verification occurred before any hack
attempts.
I know a number of you have encryption keys (all those pesky attachments and
such) so in parallel with the discussion here:
http://en.wikipedia.org/wiki/Wikipedia:Administrators%27_noticeboard/Incidents#Suggestion_for_enhanced_Admin_identification_and_securityit
may not be a poor idea for some of us to either meet in person with
out
fingerprints, or at the very least perform encrypted challenge-responses
with each other, to create a baseline for identification purposes.
Just a thought.
Avi
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (MingW32) - WinPT 1.2.0
iD8DBQFGQKwey6A/RnheoikRApGyAJ9j5gbAWsyB/FDwC/aY0yXNuHOfVQCcC0x1
Q4oBz6ErW5LwmLEHqZk5aoo=
=BMkX
-----END PGP SIGNATURE-----
More information about the WikiEN-l
mailing list