Re: are md5sums mandatory for all packages?
On 19 Dec 1997, James Troup wrote:
> Milan Zamazal <pdm@informatics.muni.cz> writes:
>
> > > I still fail to see any advantages in what even you admit is a
> > > half baked security solution. There is a better, more secure, real
> > > solution in terms of tripwire.
> >
> > But we have none -- tripwire is non-free software.
>
> When has that ever stopped Debian? We use a non-free MTA on for
> handling our mail, we insist on our packages' .dsc and .changes files
> being signed by the non-free PGP and we encourage people to connect to
> master and va with the non-free ssh. "do what I say, not what I do"
And the instant someone provides us with free software equivilant to ssh
or pgp, we'll move to use it. We need the functionality, unfortunatly
sometimes you have to use what you can get.
As for qmail, when it was set up we believed the final product would be a
bit more free. Its rough for the appropriate people to find a way to
change to something else without breaking the mail setup.
--
Scott K. Ellis <storm@gate.net> http://www.gate.net/~storm/
Reply to: