On 4/23/08, Torsten Curdt <[EMAIL PROTECTED]> wrote: <snip/> > > The amount of security rigor applied that would cause an unsigned key > > to be a blocking factor for signing releases would probably also > > discount the above from being acceptable. > > > > Why is that? I cannot follow that argument > <snap/>
Tautologically, without co-existing in some web of trust, there cannot be a trustworthy channel. ASF hardware offers a (weaker) proxy for such a web. -Rahul --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
