On Sunday, June 23, 2024 11:43:47 AM EDT Russ Allbery wrote:
> Scott Kitterman <deb...@kitterman.com> writes:
> > I think that can work both ways.  I am old enough to have seen many
> > instances of some new hotness coming along and any objection to it being
> > swept aside because it was clear that the people objecting just didn't
> > understand why the new hotness was so wonderful and why their concerns
> > didn't matter anymore.  My experience has been that when those concerns
> > have been ignored (they usually are), things often don't end well.
> 
> I'm not quite sure how to phrase this (mostly because I want to use much
> stronger language), but I find the belief that what we have just done over
> the past week and a half somehow constitutes ignoring concerns to be
> rather remarkable.
> 
> A whole lot of other people have been involved in this discussion and deep
> in the analysis, but for the moment, I'll just speak for myself here.
> 
> I have, to the absolute best of my ability, taken every concern that
> people have raised very seriously.  I have spelled out exactly where I
> agree with them and where I disagree with them, I have tried to explain in
> great detail precisely why I disagree with the concerns that I disagree
> with, and I posted an entire formal security analysis to that effect.  In
> the places where I was wrong, I have tried to say openly that I was wrong
> and go back and correct the mistaken things that I said.
> 
> Having all of that quite significant work, which has substantially eaten
> into a much-needed vacation and which has literally kept me up nights,
> dismissed as ignoring concerns is....
> 
> Well, I guess I don't have words for that.  At least not ones that I want
> to write on this mailing list.
> 
> You are entitled to believe that my analysis is wrong.  You are not
> entitled to claim that I didn't do the work that I did, quite publicly and
> openly, right here on this mailing list for everyone to see.

This was not intended as a personal attack on you.  I think you've been very 
diligent in your work and clearly you are trying to be careful to address 
concerns.  I don't think that's true of everyone involved in this 
conversation.

My impression is that there's still a communication gap between people.  I 
think it's, mostly, in good faith, but it's there.

As an example, I think the fact that I can download any source package in the 
archive and cryptographically verify who uploaded it and that it's unmodified 
from what was uploaded is an important property of our current archive 
structure.  IIRC, you've claimed it's not.  I don't think either of us has a 
very good understanding of why the other believes that.  I think for both of 
us it's just too obviously true/not true to be easy to explain.

Scott K

P.S.  FWIW, the emotional reaction I infer you had when you read my last 
message on this topic is pretty close to the one I had when I read the message 
I was replying to.
