Bug#318630: new apt for debian/experimental

[Matt Zimmerman <mdz@debian.org>]

On Fri, Jul 29, 2005 at 02:16:09PM +0200, Michael Vogt wrote:
> On Fri, Jul 29, 2005 at 01:47:27PM +0200, Goswin von Brederlow wrote:
> > could you maybe take a look at my patch in the BTS to allow using
> > [TRUSTED] as vendor tag in sources.list for implizitly tursted
> > repositories?
> 
> Sorry, I haven't looked at it yet (lack of time). If you haven't heard
> from me in ~2 weeks, please nag me again about it :)

I don't object to the idea of having a per-source override, but it should
absolutely be named differently.  Disabling the authentication is a
different policy decision than saying "I trust this source", given that
without the authentication, there is no way to know whether you are talking
to the host named in the configuration.

-- 
 - mdz