Re: Preventing government subversion in Debian, verification of binary package uploads
Thomas Hood <email@example.com> writes:
> If a Debian contributor were faced with a demand to do something that
> undermines the privacy or other interests of Debian users then I would
> hope and expect that the contributor would choose instead to cease being
> a contributor. Were he not to do so then he would have to be regarded as
> an infiltrator.
> Here I assume that U.S. law is not so draconian that it can require
> someone who has contributed to Debian (and who is therefore trusted) to
> continue doing so.
I believe that assumption is not correct based on previous things that
have happened with National Security Letters from the small amount of
public information that people have been able to gather.
Russ Allbery (firstname.lastname@example.org) <http://www.eyrie.org/~eagle/>