Re: Integrity of Debian packages
Andrew,
Apologies - I'm having a bad day. Ignore previous
e-mail. If I'd bothered to read the start of the
article properly I would have picked up where it
was coming from a bit better.
However, check out :
http://groups.google.com/groups?q=debian+signatures&hl=en&lr=&ie=UTF-8&selm=20010314170107.A347%40kitenet.net&rnum=3
There's been stuff going on for quite a while on
this front.
I'm also not convinced that there needs to be a
single trusted point. It seems to me that the
Debian "web of trust" is a perfectly adequate
method for gaining the required level of trust.
Cheers,
Berin
>
> From: Andrew Pollock <debian-lists@andrew.net.au>
> Subject: Integrity of Debian packages
> Date: 07/03/2003 12:33:15
> To: debian-security@lists.debian.org
>
> Hi,
>
> One of my friends sent me this URL, it's an oldie, and the topic in
> general has been discussed before, but this article certainly does raise
> some concerns.
>
> http://www.astalavista.com/privacy/library/magic-lantern/fbi.shtml
>
> Andrew
>
>
> --
> To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
>
>
This message was sent through MyMail http://www.mymail.com.au
Reply to: