On Sat, May 31, 2014 at 12:32:59AM +1000, Alfie John wrote:
I'm definitely wanting to engage in serious discussion. I'm an avid Debian user and am wanting to protect its users. This *is* the Debian security mailing list after all right? All I was trying to do is ask questions as to why it is currently not being HTTPS-enforced and I got flamed for it.
Well, you haven't shown any sign of having studied the publically available documentation or checked the public archives relating to the design decisions. Yes it's the debian-security mailing list, but that doesn't mean that it's scalable for debian to provide a personal walkthrough of the entire package signing architecture for everyone who sends an email to the list, does it?
Mike Stone