Re: dpkg-sig support wanted?
Scripsit Florian Weimer <firstname.lastname@example.org>
> This means that it's dangerous to commit yourself to the contents of a
> document, using a digital signature, unless you fully understand the
> meaning of each byte in the document.
So how do the MD5 sums of .debs end up in a Packages file signed with
the archive key? Do the ftpmasters go over each file with a
disassembler, fully understanding the meaning of each byte in the .deb?
>>> (Note the "rub.de" part of the URL. A clear warning sign.)
>> The nice thing about ad hominem arguments is that you can make them
>> without ever having to argue the merits of your case.
> *shrug* The computer security folks at that university started
> spreading FUD about various security systems, mainly rehashing the
> work of others. They seem to be in it mostly for the publicity.
More ad hominem arguing.
Henning Makholm "Jeg mener, at der eksisterer et hemmeligt
selskab med forgreninger i hele verden, som
arbejder i det skjulte for at udsprede det rygte at
der eksisterer en verdensomspændende sammensværgelse."