Re: Official Debian digital 'branding' of debs

To: debian-devel@lists.debian.org
Subject: Re: Official Debian digital 'branding' of debs
From: Manoj Srivastava <srivasta@debian.org>
Date: 23 Jun 1999 10:20:23 -0500
Message-id: <[🔎] 87909bx7t4.fsf@glaurung.green-gryphon.com>
In-reply-to: Wichert Akkerman's message of "Sun, 20 Jun 1999 17:47:09 +0200"
References: <[🔎] 376A06C5.F365D0E1@saab.se> <[🔎] 19990618134125.B10610@quango2.watervalley.net> <[🔎] 19990620114604.B16282@jab.home> <[🔎] 19990620174709.C24016@mors.net>

Hi,
>>"Wichert" == Wichert Akkerman <wichert@cs.leidenuniv.nl> writes:

 Wichert> Because just signing everything that is on ftp.debian.org
 Wichert> automatically will create a false sense of security, which
 Wichert> is even worse.
        
        I agree. Each package should be signed by the developer who
 created it (this is required anyway to get it uploaded). The validity
 of the key is ensured by its presence in an official Debian
 keyring. You know it is official since it is signed by the Master
 key. 


        manoj

-- 
 "Take that, you hostile sons-of-bitches!" James Coburn, in the finale
 of _The_President's_Analyst_
Manoj Srivastava   <srivasta@debian.org>  <http://www.debian.org/%7Esrivasta/>
Key C7261095 fingerprint = CB D9 F4 12 68 07 E4 05  CC 2D 27 12 1D F5 E8 6E

Reply to:

References:
- Official Debian digital 'branding' of debs
  - From: Gunnar.Isaksson@saab.se
- Re: Official Debian digital 'branding' of debs
  - From: Chris Lawrence <quango@watervalley.net>
- Re: Official Debian digital 'branding' of debs
  - From: Sarel Botha <sjb@dundee.lia.net>
- Re: Official Debian digital 'branding' of debs
  - From: Wichert Akkerman <wichert@cs.leidenuniv.nl>

Prev by Date: Sound-monitor 0.7.0 package
Next by Date: Re: Official Debian digital 'branding' of debs
Previous by thread: Re: Official Debian digital 'branding' of debs
Next by thread: Re: Official Debian digital 'branding' of debs
Index(es):
- Date
- Thread