Re: [Gnu-arch-users] tla--devo--1.2 has preliminary gpg stuff

gnu-arch-users

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Gnu-arch-users] tla--devo--1.2 has preliminary gpg stuff

From:	Robert Collins
Subject:	Re: [Gnu-arch-users] tla--devo--1.2 has preliminary gpg stuff
Date:	Sat, 27 Dec 2003 09:58:09 +1100

On Sat, 2003-12-27 at 06:55, Tom Lord wrote:

> 
> At any rate, it should only be an error if the archive is a signed
> archive.  Otherwise it should be at most a single warning that the
> archive is unsigned.

I think that that should be configurable in the long term - i.e.
--assume-signed-archive or some such - and retain the current behaviour
in the short term.

Otherwise, our conceptual attacker can simply remove
\=meta-info/signed-archive, and turn a hard failure into a warning.

Rob



-- 
GPG key available at: <http://www.robertcollins.net/keys.txt>.

signature.asc
Description: This is a digitally signed message part

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [Gnu-arch-users] tla--devo--1.2 has preliminary gpg stuff, (continued)
- Re: [Gnu-arch-users] tla--devo--1.2 has preliminary gpg stuff, Johannes Berg, 2003/12/26
  - Re: [Gnu-arch-users] tla--devo--1.2 has preliminary gpg stuff, James Blackwell, 2003/12/26
    - Re: [Gnu-arch-users] tla--devo--1.2 has preliminary gpg stuff, Johannes Berg, 2003/12/26
    - Re: [Gnu-arch-users] tla--devo--1.2 has preliminary gpg stuff, James Blackwell, 2003/12/26
    - Re: [Gnu-arch-users] tla--devo--1.2 has preliminary gpg stuff, Johannes Berg, 2003/12/26
    - Re: [Gnu-arch-users] tla--devo--1.2 has preliminary gpg stuff, Tom Lord, 2003/12/26
    - Re: [Gnu-arch-users] tla--devo--1.2 has preliminary gpg stuff, Tom Lord, 2003/12/26
    - Re: [Gnu-arch-users] tla--devo--1.2 has preliminary gpg stuff, James Blackwell, 2003/12/26
    - Re: [Gnu-arch-users] tla--devo--1.2 has preliminary gpg stuff, Tom Lord, 2003/12/26
    - Re: [Gnu-arch-users] tla--devo--1.2 has preliminary gpg stuff, Robert Collins <=
    - Re: [Gnu-arch-users] tla--devo--1.2 has preliminary gpg stuff, Andrew Suffield, 2003/12/26
    - Re: [Gnu-arch-users] tla--devo--1.2 has preliminary gpg stuff, Tom Lord, 2003/12/26
    - Re: [Gnu-arch-users] tla--devo--1.2 has preliminary gpg stuff, Andrew Suffield, 2003/12/27
    - Re: [Gnu-arch-users] tla--devo--1.2 has preliminary gpg stuff, James Blackwell, 2003/12/27
    - Re: [Gnu-arch-users] tla--devo--1.2 has preliminary gpg stuff, Andrew Suffield, 2003/12/27
    - Re: [Gnu-arch-users] tla--devo--1.2 has preliminary gpg stuff, Robert Collins, 2003/12/27
  - Re: [Gnu-arch-users] tla--devo--1.2 has preliminary gpg stuff, Tom Lord, 2003/12/26

Prev by Date: Re: [Gnu-arch-users] sftp rename?
Next by Date: Re: [Gnu-arch-users] sftp rename?
Previous by thread: Re: [Gnu-arch-users] tla--devo--1.2 has preliminary gpg stuff
Next by thread: Re: [Gnu-arch-users] tla--devo--1.2 has preliminary gpg stuff
Index(es):
- Date
- Thread