Y
Hacker News
new
|
ask
|
show
|
jobs
by
bob1029
86 days ago
The private key should be tightly scoped to its context of use. I would definitely agree with you if it's one key that rules the entire kingdom.
1 comments
tjoff
86 days ago
Not sure I follow? Lets say it is limited to one use only, sign an app.
Since I've got control of the box I can now use it to sign any app. Isn't that bad enough?
link
Since I've got control of the box I can now use it to sign any app. Isn't that bad enough?