Le 16/05/2013 20:40, Russ Allbery a écrit :
> What am I missing?
>
> I suppose one thing that I could be missing is that, with a certificate,
> you have no privacy controls over what metadata you release. Whatever you
> put in the certificate is visible to anyone who looks at the certificate.
> (
On Monday 13 May 2013 11:26 PM, Thomas Goirand wrote:
> On 05/13/2013 03:06 PM, Ritesh Raj Sarraf wrote:
>> > 1) Duplicate bug reports: There are high possibilities that we could see
>> > a sudden increase in the number of bug reports, many duplicates. This is
>> > something I'm not sure how we wan
Le 16/05/2013 18:37, Russ Allbery a écrit :
>>> You could, in theory, switch to DNSSEC, but now you're just replacing
>>> one CA cartel with another.
>
>> Except that with DNSSEC (and DANE), the number of people you have to
>> trust is much smaller.
>
> Right, it depends on what your risk model i
Josselin Mouette writes:
> Le jeudi 16 mai 2013 à 17:35 -0700, Russ Allbery a écrit :
>> I have a C shared library that takes a pointer to an opaque struct as
>> the first argument to most of its API calls. The internal layout of
>> that opaque struct is changing (to add new members). The only
On Fri, May 17, 2013 at 4:31 AM, Chow Loong Jin wrote:
> On 17/05/2013 01:01, Pau Garcia i Quiles wrote:
> >
> > Patch releases are NOT available as zip files and the list of
> wrongdoings is long:
> > - Patch releases are only available from the git repository
> c5fe17bb4459164bd59153b57248cf94b
On Fri, May 17, 2013 at 2:35 AM, Russ Allbery wrote:
> I have a C shared library that takes a pointer to an opaque struct as the
> first argument to most of its API calls. The internal layout of that
> opaque struct is changing (to add new members). The only way to create
> the opaque state stru
Le jeudi 16 mai 2013 à 17:35 -0700, Russ Allbery a écrit :
> I have a C shared library that takes a pointer to an opaque struct as the
> first argument to most of its API calls. The internal layout of that
> opaque struct is changing (to add new members). The only way to create
> the opaque stat
Hi!
On Thu, 2013-05-16 at 17:35:10 -0700, Russ Allbery wrote:
> I have a C shared library that takes a pointer to an opaque struct as the
> first argument to most of its API calls. The internal layout of that
> opaque struct is changing (to add new members). The only way to create
> the opaque s
On Fri, May 17, 2013 at 1:01 AM, Pau Garcia i Quiles wrote:
> I am having trouble with my package jquery-jplayer (a JavaScript library
> with Flash fallback) and I would like to ask for advice on how to proceed
I would suggest asking upstream again to properly git tag patch
releases, make branche
Hi!
[ Just saw while drafting this, that you filed the bug on policy, so
sending a copy there too, let's continue the discussion there then. ]
On Wed, 2013-05-15 at 09:51:23 -0700, Russ Allbery wrote:
> Andreas Beckmann writes:
> > On 2013-05-15 09:58, Ondřej Surý wrote:
> >> The '2' in libgd2
On May 16, Russ Allbery wrote:
> DNSSEC isn't going to help. I think it's best to assume that both the US
> and Chinese governments, at least, can make DNSSEC say what they want it
> to if they ever needed to.
Maybe, but I think it's also safe to assume that the USG has no way of
interfering wi
On 17/05/2013 01:01, Pau Garcia i Quiles wrote:
>
> Patch releases are NOT available as zip files and the list of wrongdoings is
> long:
> - Patch releases are only available from the git repository
Maybe I'm daft, but I can't seem to find any patch releases, actually. Where are
they stored?
-
The following is a listing of packages for which help has been requested
through the WNPP (Work-Needing and Prospective Packages) system in the
last week.
Total number of orphaned packages: 514 (new: 1)
Total number of packages offered up for adoption: 140 (new: 5)
Total number of packages request
I have a C shared library that takes a pointer to an opaque struct as the
first argument to most of its API calls. The internal layout of that
opaque struct is changing (to add new members). The only way to create
the opaque state struct is via a call to remctl_new(), which returns a
pointer to i
Hello everybody,
For those interested in learning more about triggers, including the "noawait"
forms, which Guillem reminded us that they should be the ones to use in most of
the cases, I recommend to have a look to the patch in preparation for the
Debian Policy.
http://bugs.debian.org/cgi-b
On 05/16/2013 03:52 PM, Jonas Smedegaard wrote:
> I think you are missing the potential for third-parties to make use of
> identifiers without needing authentication.
well, they still need to do authentication. For example, consider three
(not necessarily incompatible) channels to tie authentic
Joshuah Hurst dixit:
>Solaris 11, OpenSolaris and Illumos use ksh93 as /bin/sh
Yeah, but it’s not eligible for that in Debian, as Debian guarantees
the usability of “local” even for /bin/sh scripts. I wrote about that
already, IIRC even in this thread.
>/usr/bin/sh
Yuk, Solaris abomination.
>a
Hi David,
David Mohr (16/05/2013):
> I filed bug #708299 [1] but realize that it's not really an issue
> with that package: dpkg doesn't like it when buildd adds an
> architecture specific entry to changelog.Debian: […]
everyone knows:
https://lists.debian.org/debian-release/2013/05/msg00418.
On Tue, May 7, 2013 at 4:23 PM, Thorsten Glaser wrote:
>
> Andreas Beckmann debian.org> writes:
>
> > now might be the right time to start a discussion about release goals
> > for jessie. Here are some points that come into my mind right now (and
>
> * Resolve that /bin/sh issue (see the open RC
Jonas Smedegaard writes:
> Quoting Russ Allbery (2013-05-16 19:57:59)
>> Sure, but if you have control over the server certificate and are tying
>> the server certificate to the user certificate via some mechanism like
>> Monkeysphere, why do the whole indirection dance through a URI at all?
> B
Hi,
I filed bug #708299 [1] but realize that it's not really an issue with
that package: dpkg doesn't like it when buildd adds an architecture
specific entry to changelog.Debian:
Preparing to replace libgl1-mesa-dri:amd64 8.0.5-4 (using
.../libgl1-mesa-dri_8.0.5-4+b1_amd64.deb) ...
Unpack
Put git updates as a patch, e. g. debian/patches/git-update.patch
Bump debian part of version as usual.
AFAIK python is packaged in this way
--
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive:
Moritz Mühlenhoff writes:
> Agreed. I made a concentrated effort for Wheezy by submitting lots of
> patches for crucial packages and the general adoption among maintainers
> is increasing. Also, Simon Ruderich's blhc tool has been very useful and
> hardening checks are now also part of lintian.
Christoph Biedl schrieb:
> Another thing: Hardening already has been a release goal but there
> still are packages around without.
Agreed. I made a concentrated effort for Wheezy by submitting lots of
patches for crucial packages and the general adoption among maintainers
is increasing. Also, Sim
Excerpts from Wouter Verhelst's message of 2013-05-14 03:22:14 -0700:
> On 13-05-13 05:59, Mark Symonds wrote:
> > Can we keep the distribution simple enough for nearly anyone to understand?
> >
>
> No.
>
> The goal of Debian is not to be "simple". While we should document
> things as much as
Quoting Russ Allbery (2013-05-16 20:40:24)
> Jonas Smedegaard writes:
> > Quoting Russ Allbery (2013-05-16 18:37:06)
>
> >> but it's not clear to me why we'd bother as opposed to just issuing
> >> client X.509 certificates with the metadata already included.
>
> > Because the very separation of
Quoting Daniel Kahn Gillmor (2013-05-16 20:38:41)
> On 05/16/2013 01:57 PM, Russ Allbery wrote:
> > If introduce Monkeysphere to do the URI endpoint verification, it
> > seems to me like you could just as easily introduce Monkeysphere to
> > do the user certificate verification directly, thus rem
Package: wnpp
Severity: wishlist
Owner: Oleg Gashev
* Package name: libmoosex-role-strict-perl
Version : 0.05
Upstream Author : Curtis "Ovid" Poe
* URL : https://metacpan.org/release/MooseX-Role-Strict/
* License : Artistic or GPL-1+
Programming Lang: Perl
Quoting Russ Allbery (2013-05-16 19:57:59)
> Jonas Smedegaard writes:
> > Quoting Russ Allbery (2013-05-16 17:42:20)
> >> Jonas Smedegaard writes:
>
> >>> This seems similar as WebID: In principle ties to HTTPS - and
> >>> therefore the CA cartel - is only optional (other URIs than http
> >>>
Package: wnpp
Severity: wishlist
Owner: Oleg Gashev
* Package name: libmoosex-classattribute-perl
Version : 0.27
Upstream Author : Dave Rolsky
* URL : https://metacpan.org/release/MooseX-ClassAttribute/
* License : Artistic-2.0
Programming Lang: Perl
Descr
Jonas Smedegaard writes:
> Quoting Russ Allbery (2013-05-16 18:37:06)
>> but it's not clear to me why we'd bother as opposed to just issuing
>> client X.509 certificates with the metadata already included.
> Because the very separation of identifiers from the identified makes the
> identifiers u
On 05/16/2013 01:57 PM, Russ Allbery wrote:
> If introduce Monkeysphere to do the URI endpoint verification, it seems to
> me like you could just as easily introduce Monkeysphere to do the user
> certificate verification directly, thus removing the need to introduce a
> third party metadata provide
On 05/15/2013 11:04 PM, Philip Hands wrote:
> Do you have any thoughts on how that compares with using
> BrowserID/Persona? I'd got the impression that BrowserID has been put
> together learning from mistakes of OpenID & WebID, but perhaps I'm just
> swallowing their marketing.
It looks to me li
Quoting Russ Allbery (2013-05-16 18:37:06)
> So, again, it comes down to what problem we're trying to solve. If
> the problem is just how do we authenticate Debian contributors to
> Debian systems, then we're actually in the institutional case and we
> don't have to trust anyone outside the pro
Jonas Smedegaard writes:
> Quoting Russ Allbery (2013-05-16 17:42:20)
>> Jonas Smedegaard writes:
>>> This seems similar as WebID: In principle ties to HTTPS - and
>>> therefore the CA cartel - is only optional (other URIs than http ones
>>> suffice). In reality alternatives to HTTP(S) is work
[ Cc'ing Daniel to help kill my misconceptions, as need be ]
Quoting Russ Allbery (2013-05-16 17:42:20)
> Jonas Smedegaard writes:
>
> > This seems similar as WebID: In principle ties to HTTPS - and
> > therefore the CA cartel - is only optional (other URIs than http
> > ones suffice). In rea
Hello,
I am having trouble with my package jquery-jplayer (a JavaScript library
with Flash fallback) and I would like to ask for advice on how to proceed
Major and minor releases are available as zip files from the official
website ( http://jplayer.org/download/ ) and they are tagged in the git
r
On Thu, May 16, 2013 at 08:03:33AM +0100, Lars Wirzenius wrote:
>
> I'd use a PPA-style package repository of some sort, and then advertise
> it to people might want to try that version of the package.
Then it makes more sense to upload it to experimental to me.
Kurt
--
To UNSUBSCRIBE, email
On Tue, 2013-05-07 at 14:15:56 +0200, Guillem Jover wrote:
> The “dpkg (>= 1.15.4) | install-info” dependency can also be dropped
> from packages providing an info file, because all info-browsers are
> now guaranteed (due to the release) to Depend on install-info. I'll
> file a bug on debhelper and
Wouter Verhelst writes:
> On 16-05-13 17:42, Russ Allbery wrote:
>> You could, in theory, switch to DNSSEC, but now you're just replacing
>> one CA cartel with another.
> Except that with DNSSEC (and DANE), the number of people you have to
> trust is much smaller.
Right, it depends on what your
On 16-05-13 17:42, Russ Allbery wrote:
> You could, in theory, switch to DNSSEC, but now you're just replacing one
> CA cartel with another.
Except that with DNSSEC (and DANE), the number of people you have to
trust is much smaller.
--
This end should point toward the ground if you want to go to
On 16/05/13 16:42, Russ Allbery wrote:
> In essence, [WebID]
> moves the authentication problem from user authentication to
> URI endpoint authentication, under the theory that we already know how to
> validate URI endpoints and that such validation is an easier problem.
... or to look at it anoth
On Jo, 16 mai 13, 10:52:05, Neil McGovern wrote:
> On Thu, May 16, 2013 at 12:29:11AM +0200, Kurt Roeckx wrote:
> > Some upstreams have a testing branch of there software and a
> > release branch. It's sometimes useful to have people test the
> > version in from the testing branch, and having it a
Jonas Smedegaard writes:
> This seems similar as WebID: In principle ties to HTTPS - and therefore
> the CA cartel - is only optional (other URIs than http ones suffice).
> In reality alternatives to HTTP(S) is work in progress.
Changing the protocol doesn't help you get away from the CA depe
On Thu, May 16, 2013 at 12:29:11AM +0200, Kurt Roeckx wrote:
> Some upstreams have a testing branch of there software and a
> release branch. It's sometimes useful to have people test the
> version in from the testing branch, and having it available in
> Debian makes it easier for people to test i
On Tue, 2013-05-14 at 08:50:39 +0800, Paul Wise wrote:
> On Mon, May 13, 2013 at 11:17 PM, Stéphane Glondu wrote:
> > Le 13/05/2013 15:51, Paul Wise a écrit :
> >> [...] as long
> >> as there is a way to build-depend on the build-dependencies for a
> >> source package, that should be fine. As a bon
Hi,
We are interested in buying non-standard ad placements on your site
- debian. org.
We offer flat CPM, long term partnership. Can discuss buying all
impressions.
Please contact me for more details.
Thanks,
Irene
--
Sales and Marketing Manager
*Nster, LLC*
*7709 Santa Monica Blvd.*
*Wes
On 2013-05-15 20:27:09 +0200, Jean-Christophe Dubacq wrote:
> No. Your server comes unconfigured, you do configure it while the other
> is still working, and then you stop the service on the first, finish
> syncing the mailboxes, switch the MX record, and then you can go to
> rest.
This is not pos
On Thu, May 16, 2013 at 12:29:11AM +0200, Kurt Roeckx wrote:
> One thing I'm wondering about, and you don't seem to talk about is
> what versions end up in a release.
>
> Some upstreams have a testing branch of there software and a
> release branch. It's sometimes useful to have people test the
>
Quoting Stéphane Glondu (2013-05-16 10:57:19)
> Le 16/05/2013 05:04, Philip Hands a écrit :
> > Do you have any thoughts on how that compares with using
> > BrowserID/Persona? I'd got the impression that BrowserID has been
> > put together learning from mistakes of OpenID & WebID, but perhaps
>
On Wed, May 15, 2013 at 03:39:54PM +, Thorsten Glaser wrote:
> As for your requests of data: I do not provide them. As I said above,
> I???m pushing for freedom of choice, not switching the default; of course
> I???d be happy with the latter, even more so actually, but it must be a
> thing not
On Thu, May 16, 2013 at 9:53 AM, Mathieu Malaterre wrote:
> On Thu, May 16, 2013 at 7:05 AM, Eugene Zhukov wrote:
>> Hello,
>>
>> I'm trying to download sources using d/watch and uscan. Here is the
>> output of uscan --verbose --force-download:
>> -- Scanning for watchfiles in .
>> -- Found watch
On Thu, May 16, 2013 at 10:30 AM, Eugene Zhukov wrote:
> On Thu, May 16, 2013 at 9:53 AM, Mathieu Malaterre wrote:
>> On Thu, May 16, 2013 at 7:05 AM, Eugene Zhukov wrote:
>>> Hello,
>>>
>>> I'm trying to download sources using d/watch and uscan. Here is the
>>> output of uscan --verbose --force
Package: wnpp
Severity: wishlist
Owner: Joao Eriberto Mota Filho
* Package name: mac-robber
Version : 1.02
Upstream Author : Brian Carrier
* URL : http://www.sleuthkit.org/mac-robber
* License : GPL2
Programming Lang: C
Description : collects data abou
Thomas Goirand writes:
> Now please, do the same reasoning with some other services,
> like Apache, pure-ftpd, or bind, and explain to me why you would
> like to have these installed, but not working.
As a developer I have often found use for having Apache installed, just
so I can start it as a
On 13-05-13 06:16, Paul Wise wrote:
> On Mon, May 13, 2013 at 1:01 AM, Philip Hands wrote:
>
>> I don't know about you, but I find it quite reassuring to be able to
>> confirm that the first half of an install is going pretty well when I
>> get to see the "useless" dummy page from Apache. I'd ima
On 15-05-13 17:39, Thorsten Glaser wrote:
> As for your requests of data: I do not provide them. As I said above,
> I’m pushing for freedom of choice, not switching the default; of course
> I’d be happy with the latter, even more so actually, but it must be a
> thing not driven by me;
I see.
In t
On 12-05-13 04:03, Paul Wise wrote:
> On Sun, May 12, 2013 at 1:03 AM, Wookey wrote:
>
>> I'd vote for that too, as it would be very helpful for
>> cross-toolchain building. I hadn't realised that source build-deps
>> was a possibility. Is it? Does anyone have a proposal for how it might
>> work?
Hi Thorsten
On 11-05-13 20:26, Thorsten Glaser wrote:
> Steve Langasek debian.org> writes:
>
>> This is not a sensible goal. Choice of /bin/sh should *not* be the goal,
>> the goal should be to get a good, fast, minimal, policy-compliant /bin/sh
>> for *everyone*.
>
> Sure. We just disagree wh
On Thu, May 16, 2013 at 7:05 AM, Eugene Zhukov wrote:
> Hello,
>
> I'm trying to download sources using d/watch and uscan. Here is the
> output of uscan --verbose --force-download:
> -- Scanning for watchfiles in .
> -- Found watchfile in ./debian
> -- In debian/watch, processing watchfile line:
>
On Sun, May 12, 2013 at 02:40:39AM +0100, Wookey wrote:
> +++ Steve Langasek [2013-05-11 09:33 -0700]:
> > On Sat, May 11, 2013 at 11:22:10AM +0200, Goswin von Brederlow wrote:
>
> > > While that might be of some interest the real goal of the change was
> > > to be able to have more than *2* packa
On Tue, May 14, 2013 at 12:21:33PM -0500, Steve Langasek wrote:
> On Tue, May 14, 2013 at 10:03:34AM -0700, Russ Allbery wrote:
>
> > I think that, to convince people that flexibility won't cause stability
> > and complexity problems, you're going to need to present a complete and
> > fairly bulle
On Sat, May 11, 2013 at 08:44:30PM +0100, Roger Leigh wrote:
> On Sat, May 11, 2013 at 08:52:29PM +0200, Josselin Mouette wrote:
> > Being able to choose between two entirely different desktop
> > environments, with different user experiences, is a good thing.
> > Being able to choose between two /
On Sun, May 12, 2013 at 02:40:39AM +0100, Wookey wrote:
> +++ Steve Langasek [2013-05-11 09:33 -0700]:
> > On Sat, May 11, 2013 at 11:22:10AM +0200, Goswin von Brederlow wrote:
>
> > > While that might be of some interest the real goal of the change was
> > > to be able to have more than *2* packa
On Sat, May 11, 2013 at 05:29:45PM +0200, Sven Joachim wrote:
> On 2013-05-11 11:22 +0200, Goswin von Brederlow wrote:
>
> > While that might be of some interest the real goal of the change was
> > to be able to have more than *2* packages provide /bin/sh.
> >
> > Currently, due to the totaly scre
On Wed, May 15, 2013 at 09:43:02PM +0200, Christoph Biedl wrote:
> Christoph Anton Mitterer wrote...
>
> > 2) No more packages that bypass the package management system and secure
> > apt:
> > a) There are still several (typically non-free) packages which download
> > stuff from the web, install o
On Lu, 06 mai 13, 14:49:57, Andreas Beckmann wrote:
> Hi,
>
> now might be the right time to start a discussion about release goals
> for jessie.
How about setting default umask for users (uid >= 1000) to 002?
Kind regards,
Andrei
--
http://wiki.debian.org/FAQsFromDebianUser
Offtopic discussio
On Sun, May 12, 2013 at 12:17:06PM +0200, Vincent Lefevre wrote:
> On 2013-05-07 23:53:07 +0800, Thomas Goirand wrote:
> > Now please, do the same reasoning with some other services,
> > like Apache, pure-ftpd, or bind, and explain to me why you would
> > like to have these installed, but not worki
On Sun, May 12, 2013 at 05:06:26PM +0200, Matthias Klose wrote:
> Am 12.05.2013 16:18, schrieb Daniel Schepler:
> > Maybe we could have a release goal of dropping as many lib32* and lib64*
> > packages as possible in favor of multi-arch. (And also as many package
> > dependencies on libc6-[i386|am
Le 16/05/2013 05:04, Philip Hands a écrit :
> Do you have any thoughts on how that compares with using
> BrowserID/Persona? I'd got the impression that BrowserID has been put
> together learning from mistakes of OpenID & WebID, but perhaps I'm just
> swallowing their marketing.
IIUC, there is no
70 matches
Mail list logo
