On Thu, 11 Apr 2013, Russ Allbery wrote:
> Sandboxing programming languages is very difficult; most languages
> don't even attempt it. Perl used to have a sandboxing module and
> gave up on it because it was too hard, thus making it even less
> secure than Java in that specific respect, but no one
Thomas Goirand writes:
> On 04/12/2013 03:25 AM, Tollef Fog Heen wrote:
>> The Yubikey neo can run the java applet thingies, it seems, so it can
>> act as a GPG token too.
> Please, please, please ... no java!!! That's a security nightmare. I
> think we'd be less safe with than without it.
You
]] Thomas Goirand
> On 04/12/2013 03:25 AM, Tollef Fog Heen wrote:
> > The Yubikey neo can run the java applet thingies, it seems, so it can
> > act as a GPG token too.
> Please, please, please ... no java!!!
> That's a security nightmare. I think we'd be less safe with
> than without it.
Pleas
On 12/04/13 07:56, Thomas Goirand wrote:
> On 04/12/2013 03:25 AM, Tollef Fog Heen wrote:
>> The Yubikey neo can run the java applet thingies, it seems, so it can
>> act as a GPG token too.
> Please, please, please ... no java!!!
> That's a security nightmare. I think we'd be less safe with
> th
On 04/12/2013 03:25 AM, Tollef Fog Heen wrote:
> The Yubikey neo can run the java applet thingies, it seems, so it can
> act as a GPG token too.
Please, please, please ... no java!!!
That's a security nightmare. I think we'd be less safe with
than without it.
Also, while I think the idea is nice,
Package: wnpp
Severity: wishlist
Owner: Xavier Guimard
* Package name: libparallel-runner-perl
Version : 0.012
Upstream Author : Chad Granum
* URL : https://metacpan.org/release/Fennec
* License : Artistic or GPL-1+
Programming Lang: Perl
Description :
The following is a listing of packages for which help has been requested
through the WNPP (Work-Needing and Prospective Packages) system in the
last week.
Total number of orphaned packages: 513 (new: 10)
Total number of packages offered up for adoption: 147 (new: 2)
Total number of packages reques
Hi,
On Thu Apr 11, 2013 at 19:04:24 -0300, Lisandro Damián Nicanor Pérez Meyer
wrote:
> On Thu 11 Apr 2013 16:04:40 Luca Filipozzi escribió:
> [snip]
> > Finally, if we are going to require DDs to have a physical object
^^
||
> In other words: -1 from me.
I read Luca
On Thu 11 Apr 2013 16:04:40 Luca Filipozzi escribió:
[snip]
> Finally, if we are going to require DDs to have a physical object
Then the project would possibly start loosing contributors like me, who have
lots of problems with customs and getting dollars, specially if it's about
technological st
On Thu, Apr 11, 2013 at 03:35:35PM -0400, Paul Tagliamonte wrote:
> I really hate the idea of "loosing" an unencrypted copy of my GPG
> private half. I misplace everything, I don't need someone finding a copy
> of my GPG key and abusing it :)
You write the private key to the token. You can't read
Hi,
> Aslo, we have sso.debian.org, whose use we should expand.
DACS (http://dacs.dss.ca) the software behind sso.debian.org also
support one-time passwords [1]. I had no time yet to setup anything
regarding this, but I welcome help.
Cheers,
Martin
[1] http://dacs.dss.ca/man/dacstoken.1.html
On Thu, Apr 11, 2013 at 07:04:40PM +, Luca Filipozzi wrote:
> Aslo, we have sso.debian.org, whose use we should expand.
I'd love to see that.
--
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archi
On 11/04/13 21:25, Tollef Fog Heen wrote:
> ]] Luca Filipozzi
>
>> I can help with a GSoC but I think DSA would prefer to lean in the direction
>> of
>> the above.
>
> I'm also happy to help with it. I have a bit of experience with the
> yubikey tokens, and at least one of the upstreams is on
On Thu, Apr 11, 2013 at 09:25:02PM +0200, Tollef Fog Heen wrote:
> ]] Luca Filipozzi
>
> > I can help with a GSoC but I think DSA would prefer to lean in the
> > direction of
> > the above.
>
> I'm also happy to help with it. I have a bit of experience with the
> yubikey tokens, and at least o
]] Luca Filipozzi
> I can help with a GSoC but I think DSA would prefer to lean in the direction
> of
> the above.
I'm also happy to help with it. I have a bit of experience with the
yubikey tokens, and at least one of the upstreams is on the path to
DDship, so I think we're reasonably well co
Hi,
DSA are already looking at two factor authentication, but TOTP based rather
than HOTP. There are plenty of TOTP calculators that could be deployed on
smart phones, etc. rather than requiring DDs to own a YubiKey (and have USB
port available... i wonder if my iPad has a USB port...).
Interest
Fedora recently put in Yubikey for their packagers[1], although they are
only half way there, supporting sudo but not web auth so far.
Similar things could probably happen in Debian.
I've proposed two-factor authentication as a potential area for a GSoC
project[2], two things come up:
a) would
On Thu, 2013-04-11 at 11:50:35 +0200, Laurent Bigonville wrote:
> > Jon Dowland wrote:
> > >Hi Laurent, thanks for the clarification â?? to ask a related
> > >question. What's the worth of FPM on Debian? Especially given the
> > >issues that Wouter has raised in the bug¹
> > >
> > >¹ http://bugs.
Package: wnpp
Severity: wishlist
Owner: Joao Eriberto Mota Filho
* Package name: pcapfix
Version : 0.7.2
Upstream Author : Robert Krause
* URL : http://f00l.de/pcapfix
* License : GPL3
Programming Lang: C
Description : repair broken pcap files
pcapfi
Package: wnpp
Severity: wishlist
Owner: Salvo Tomaselli
* Package name: chinese-checkers
Version : 0.1
Upstream Author : Many authors
* URL : https://github.com/ltworf/tin171
* License : GPL
Programming Lang: Python, Erlang
Description : Multiplayer imp
Le Thu, Apr 11, 2013 at 08:27:16AM +0200, Joerg Jaspert a écrit :
>
> https://ftp-master.debian.org/crypto-in-main/
>
> Plus one mail for *every* NEW accepted package. Each and every time.
> Send to them.[1] See the dak git repo for the bxa stuff.
>
>
> [1] Nowadays only stored in a mailbox fro
On 04/11/2013 08:27 AM, Joerg Jaspert wrote:
>
> https://ftp-master.debian.org/crypto-in-main/
>
> Plus one mail for *every* NEW accepted package. Each and every time.
> Send to them.[1] See the dak git repo for the bxa stuff.
>
>
> [1] Nowadays only stored in a mailbox from us, at request from
Package: wnpp
Severity: wishlist
Owner: Jonas Smedegaard
* Package name: compass-breakpoint-plugin
Version : 2.0.2
Upstream Author : Mason Wendell , Sam Richard
* URL : https://github.com/Team-Sass/breakpoint
* License : Expat or GPL-2
Programming Lang: Sas
> Jon Dowland wrote:
> >On Tue, Apr 09, 2013 at 05:33:20PM +0200, Laurent Bigonville wrote:
> >> This ruby gem is needed by FPM (see my ITP[0]).
> >
> >Hi Laurent, thanks for the clarification â?? to ask a related
> >question. What's the worth of FPM on Debian? Especially given the
> >issues that W
Hello again!
Given the very positive response on my RFH I'm following up
with one more wish I forgot to mention.
If you are interested in learning more about the advanced networking
features provided by the linux kernel. Want to get into the gory details
and learn stuff that not many other pe
Hello Thomas!
On Wed, Apr 10, 2013 at 10:32:48PM +0200, Thomas Preud'homme wrote:
> Le mercredi 10 avril 2013 21:33:32, Andreas Henriksson a écrit :
[...]
> > "Please perform a full source scan and document all licensing information."
> > As requested by ftp-masters.
>
> I didn't find a bug repor
26 matches
Mail list logo
