[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: "The Trojan Horse": a small inaccuracy

Hi Ray and others,

I did indeed anticipate Debian's switch to GPG in my article, mostly
because I chose to promote a free product over a non-free one. Sorry!
Are the problems _only_ with exit status? If so, I'd assume they can be
fixed soon.

Copy to me - I'm not on the debian-devel list.



From: "J.H.M. Dassen (Ray)" <jdassen@wi.leidenuniv.nl>

Hi Bruce,

In http://www.lwn.net/1998/1119/Trojan.html you write (regarding uploads in
>Almost all of those developers are set up to provide public-key signatures
>of their uploads using GNU Privacy Guard

This is not yet the case; currently, we still use PGP. GPG is AFAICT
regarded by its maintainer as not yet fully suitable for this task (e.g.
having it set proper exit codes so dinstall can use it is somewhat
difficult). We are of course preparing for a transition to GPG (e.g. dpkg
has already been modified to be able to use GPG for signing), but that
transition has not happened yet.


Reply to: