Re: uploaded package handling
On Mon, 8 Apr 1996, Bruce Perens wrote:
> PGP is free, and it lets us have us some confidence that the person who
> sent the package really is the maintainer. Given the potential for trojan
> horse attacks, that's important.
>
This seems somewhat paranoid to me beside being redundant. All uploads to
master are now done via the maintainers login and password. This should
be adequate protection from outside meddling. As for internal mistakes,
it's not clear to me that a pgp signature will be a lot of help.
In principle I am opposed to such security measures in what is
substantially a public forum.
Thanks,
Dwarf
------------ --------------
aka Dale Scheetz Phone: 1 (904) 877-0257
Flexible Software Fax: NONE
Black Creek Critters e-mail: dwarf@polaris.net
------------ If you don't see what you want, just ask --------------
Reply to: