I do wonder if this is the proper time & place to discuss the implications of requiring source code to have been obtained by a "secure path" excluding the internet. Can an internet-enabled open source therefore be considered "secure" by that definition?
-- Keith Bennett
