[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [debian-devel] Proposal for removal of mICQ package

[Rüdiger Kuhlmann]
> In how far is
> http://www.micq.org/binary/md5sums
> http://www.micq.org/binary/md5sums.asc
> not good enough?

If the goal is to detect trojans in the source, the digital signature
is only as good as the signer, and when the upstream author inserts
the trojan, the signature is no use, as the signer is not to be

Reply to: