[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: The Debian Mentors Project



> Of course we can't actually ensure that all uploaded packages on the
> system are secure, for now we trust the testers of the system but in
> future we'll introduce higher security standards.
> 
> If someone can allready point out an eventual solution for this problem
> we'll open to consider any suggestion in order to improve the system.

Perhaps an easy thing to do would just be to show whether or not a
pckage is signed by a key which is signed by a real debian developer.
Ie, use the web of trust.  Then at least one can be reasonable sure that 
the maintainer is real.

jack.



Reply to: