[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: ELPA security
From: |
Ted Zlatanov |
Subject: |
Re: ELPA security |
Date: |
Fri, 28 Jun 2013 11:34:07 -0400 |
User-agent: |
Gnus/5.130008 (Ma Gnus v0.8) Emacs/24.3.50 (gnu/linux) |
On Tue, 18 Jun 2013 00:54:32 +0900 "Stephen J. Turnbull" <address@hidden>
wrote:
SJT> Ted Zlatanov writes:
>> CRLs are especially tricky. Trusting a maintainer signature at the
>> archive level and verifying it for each package when it's
>> downloaded seems like a good compromise for Emacs.
SJT> Then there's no need for a signed or unsigned list.
We need a list of exceptions from the "normal" and we need to decide if
signed or unsigned is "normal."
Ted
- Re: ELPA security, Ted Zlatanov, 2013/06/16
- Re: ELPA security, Ted Zlatanov, 2013/06/17
- Re: ELPA security, Ted Zlatanov, 2013/06/19
- Re: ELPA security, Stefan Monnier, 2013/06/19
- Re: ELPA security, Ted Zlatanov, 2013/06/23
- Re: ELPA security, Stefan Monnier, 2013/06/23
- Re: ELPA security, Ted Zlatanov, 2013/06/28
- Re: ELPA security, Nic Ferrier, 2013/06/28
- Re: ELPA security, Stefan Monnier, 2013/06/28
- Re: ELPA security, Daiki Ueno, 2013/06/23