[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Package management unsafe?

On Sun, 2008-07-13 at 02:13 +0200, Franklin PIAT wrote:
> Hello,
> On Sat, 2008-07-12 at 23:13 +0000, Joe Smith wrote:
> > Andrei Popescu <andreimpopescu <at> gmail.com> writes:
> > 

> One costly solution would be to get the client the send a challenge to a
> trusted server, which would respond by gpg-signed the challenge + the
> checksum of current .Release file.

How would all these schemes work with offline mirrors? eg, ones that are
built, and used without an internet connection for a month.


> Franklin
Karl Goetz <karl@kgoetz.id.au>

Attachment: signature.asc
Description: This is a digitally signed message part

Reply to: