Re: Time for apt-secure?
- To: email@example.com
- Subject: Re: Time for apt-secure?
- From: Camillo Särs <firstname.lastname@example.org>
- Date: Mon, 01 Dec 2003 11:26:02 +0200
- Message-id: <[🔎] 3FCB092A.email@example.com>
- In-reply-to: <20031130183032.GA1519@mathom.us>
- References: <E1APUkT-0007fMfirstname.lastname@example.org> <3FC71120.email@example.com> <20031130183032.GA1519@mathom.us>
Michael Stone wrote:
On Fri, Nov 28, 2003 at 11:10:56AM +0200, Camillo Särs wrote:
Yes, I did note that "there are many wrinkles to iron out". That's
not the point I am trying to make. I don't think anyone would be
foolish enough to think apt-secure provides "total security".
What would be foolish is thinking that it would have had any benefit in
Would you care to elaborate a bit on that point? Or do you just enjoy calling
me a fool?
Essentially, as communications in the beginning of the incident were scarce at
best, and nonexistant at worst, I really benefited from using apt-secure. It
meant that I did not have to rely only on unreliable sources for trust in the
archives. I also had some trust in apt-secure's ability to eliminate obvious
trojans. Thus I could sit down and wait for more info.
As an example, 3.0r2 did not install on my system before I reconfigured trust
in the archives. This worked as intended, although that may not be
Again, as you deem me foolish for having this trust in apt-secure, I would
certainly like to hear why.
Camillo Särs <+firstname.lastname@example.org> ** Aim for the impossible and you
<http://www.iki.fi/+ged> ** will achieve the improbable.
PGP public key available **