[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: Should Fedora rpms be signed?

From: "William Hooper" <whooperhsd3 earthlink net>
To: fedora-test-list redhat com
Subject: Re: Should Fedora rpms be signed?
Date: Tue, 26 Oct 2004 08:25:39 -0400 (EDT)

nodata said:
> A recent scam involving fake updates to Fedora has highlighted the lack
> of signed RPMs for Fedora Core.

How?  Would it make you feel better if the fake updates had installed a
signature first?  Or told you that you had to install a new key from the
fake site?  The ONLY thing that signatures tell you is that the RPM has
been signed with a particular key, that's it.

The only thing that was shown is that there are potentially people that
will blindly follow directions from any random e-mail they recieve.

(I leave to others to explain the difference between "Fedora Core" RPMs
(that are signed) and "Rawhide" RPMs (which may or may not be signed).)

-- 
William Hooper

Follow-Ups:
- Re: Should Fedora rpms be signed?
  - From: nodata
- Re: Should Fedora rpms be signed?
  - From: Matias Féliciano

References:
- Should Fedora rpms be signed?
  - From: nodata

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]