On Mon, Dec 25, 2000 at 03:37:38PM -0700, Wes Peters wrote:
> David O'Brien wrote:
> > our own committers to have sloppy habits that could lead a malicious code
> > added to the FreeBSD CVS source repository.
>
> This is exactly the sort of problem we need to solve in a usable and secure
> manner, so we can be an example to hold up and say "this is one way you can
> make it work."
>
> I'm completely open to suggestions as to how we can accomplish that. A few
> ideas leap to mind, but unfortunately, short of an heirarchical calling
> list, none of them really work, relying on other key information that may
> have changed also. Sending an email with the new certs signed by the SO
> or other authoritative key would work, given that everyone already has the
> OS cert or key, unless it is the SO key that is changing.
>
> With a little bit of perspiration, we could probably create a calling list
> that minimizes overseas and long distance calls, but reaching far-flung
> people on the phone is often difficult, expensive work.
Faxes might be a better way of doing this part of the communication.
--
Wilko Bulte Arnhem, the Netherlands
[EMAIL PROTECTED] http://www.freebsd.org http://www.nlfug.nl
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message
