Re: A GnuPG package for stable? [Rendering Security Insecure]
- To: debian-user@lists.debian.org
- Subject: Re: A GnuPG package for stable? [Rendering Security Insecure]
- From: J Horacio MG <homega@ciberia.es>
- Date: Thu, 23 Sep 1999 09:13:45 +0200
- Message-id: <[🔎] 19990923091345.A436@ciberia.es>
- Reply-to: Horacio <homega@ciberia.es>
- In-reply-to: <19990922213045.24602.qmail@murphy.debian.org>; from debian-user-digest-request@lists.debian.org on Wed, Sep 22, 1999 at 09:30:45PM -0000
- References: <19990922213045.24602.qmail@murphy.debian.org>
> Date: Wed, 22 Sep 1999 15:03:54 -0500
> From: "Eric Gillespie, Jr." <epgilles@olemiss.edu>
> To: "Bruce Z. Lysik" <eldrik@logrus.com>, debian-user@lists.debian.org
> Subject: Re: A GnuPG package for stable?
> Message-ID: <[🔎] 19990922150354.A22093@dethstar>
> Content-Type: multipart/signed; boundary=a8Wt8u1KmwUX3Y2C; micalg=pgp-md5;
> protocol="application/pgp-signature"
>
> I have gpg as well as a few other potato packages compiled for slink at
> http://www.pobox.com/~epg/debian
>
> --
> Eric Gillespie, Jr. <*> epg@pobox.com
Please, don't take this the wrong way ...but, HOW CAN ANYONE TRUST a non
official binary package of a security program?
I'm not saying you're not acting in good faith here, but one SHOULD ONLY
RELY either in Debian (or other known distros/distributors) binary packages,
source or binaries from the official GnuPG site, or any other WELL KNOWN
source of distribution. Else, we may think of this security program as
a potential hole in security.
So, either build it yourself from the sources, or patiently wait for an
official binary release for your system.
Kind Regards,
--
Horacio
homega@ciberia.es
Valencia - ESPAÑA
Reply to: