On 27.06.24 16:21, Joerg Jaspert wrote:
We haven't refused to make one.We haven't been asked for one, even.
Given that Ansgar still more-or-less insists on his checksum approach, which AFAICT cannot work for many dgit workflows, there's really no point in asking in the first place IMHO.
Also, Russ did update his security review. One of you could have reacted with either "OK, thanks that's good enough, what do you need from us for the next steps?" *or* "sorry but that doesn't convince us, because «reason»" (or possibly "hmm, OK, we (= the ftpmasters) are going to figure out a consensus position on this, give us a week please") without being asked explicitly.
Yes, there's a fair amount of communications breakdown here, obviously, but I don't think it's as one-sided as you imply here.
-- -- regards -- -- Matthias Urlichs
OpenPGP_signature.asc
Description: OpenPGP digital signature
