Re: Bug#241689: I'm going to NMU this
* John Hasler wrote:
> Colin Watson writes:
> > Do you not think it is important for sponsors to verify what they're
> > sponsoring against trojans? How do you propose to verify a lump of binary
> > data you've received?
> By receiving both binary and source, verifying as you would with a full
> upload, and then uploading only the binary?
And how do you ensure that the binary is built from the source you received?
Fingerprint: A46A 753F AEDC 2C01 BE6E F6DB 97E0 3309 9FD6 E3E6