[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: warning to list

From: Alan Cox <alan redhat com>
To: For testers of Fedora Core development releases <fedora-test-list redhat com>
Subject: Re: warning to list
Date: Tue, 26 Oct 2004 18:38:24 -0400

On Tue, Oct 26, 2004 at 04:03:46PM -0600, Rodolfo J. Paiz wrote:
> His point was that if the package is not signed, then it is easier for
> someone to substitute a trojan package on a mirror server. He's arguing
> that signing packages would add one level of useful security (or "trust"
> if you will, in that at least you would know that the package you
> downloaded had been built at Red Hat or by the Fedora Project.

The question is what should it be signed by I guess. Red Hat don't trust or
warrant rawhide packages.

Follow-Ups:
- Re: warning to list
  - From: Charles R. Anderson

References:
- Re: warning to list
  - From: Paul Iadonisi
- Re: warning to list
  - From: Matias Féliciano
- Re: warning to list
  - From: Paul Iadonisi
- Re: warning to list
  - From: Matias Féliciano
- Re: warning to list
  - From: Paul Iadonisi
- Re: warning to list
  - From: Matias Féliciano
- Re: warning to list
  - From: Ricardo Veguilla
- Re: warning to list
  - From: Rodolfo J. Paiz
- Re: warning to list
  - From: Ricardo Veguilla
- Re: warning to list
  - From: Rodolfo J. Paiz

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]