On Wed, 14 Feb 2007 22:14:53 PST, Andreas Gruenbacher said: > I agree, that's really what should happen. We solve this by marking modules as > supported, partner supported, or unsupported, but in an "insecure" way, so > partners and users could try to fake the support status of a module and/or > remove status flags from Oopses, and cryptography wouldn't save us.
Where cryptography *can* save you is that a partner or user can't fake a 'Suse Supported' signature without access to the Suse private key.
pgpv9aSScJwDV.pgp
Description: PGP signature
