On Thu, Dec 21, 2000 at 08:12:14PM +0100, Christian Kurz wrote: > On 00-12-21 Colin Phipps wrote: > > On Thu, Dec 21, 2000 at 04:09:07PM +0100, Christian Kurz wrote: > > > And who will create this key? Who will have the passphrase? Who will > > > sign the packages? > > > Someone on master.debian.org, presumably the ftp admins. > > And so you trust this admins? Just asking because some people here have > a lot of paranoia. Signing packages on the master mirror guards against compromised or spoofed mirrors. Not trusting the master mirror or its admins is a separate, and much harder problem. -- Colin Phipps http://www.netcraft.com/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
- Re: Debian audititing tool? Colin Phipps
- Re: Debian audititing tool? Peter Eckersley
- Re: Debian audititing tool? Peter Cordes
- Re: Debian audititing tool? Christian Kurz
- Re: Debian audititing tool? Rene Mayrhofer
- Re: Debian audititing tool? Jacob Kuntz
- Re: Debian audititing tool? Jan Martin Mathiassen
- Re: Debian audititing tool? Dan Hutchinson
- Re: Debian audititing tool? Rene Mayrhofer
- Re: Debian audititing tool? Christian Kurz
- Re: Debian audititing tool? Colin Phipps
- Re: Debian audititing tool? Rene Mayrhofer
- Re: Debian audititing tool? Peter Cordes
- Re: Debian audititing tool? Carey Evans
- Re: Debian audititing tool? Ethan Benson
- Re: Debian audititing tool? Peter Cordes
- Re: Debian audititing tool? Peter Eckersley
- Re: Debian audititing tool? dginsburg
- Re: Debian audititing tool? Rainer Weikusat
- Re: Debian audititing tool? Christian Kurz
- Re: Debian audititing tool? Christian Kurz
