Re: Debian Server restored after Compromise

2006-07-13 Thread Thomas Viehmann
Aurelien Jarno wrote: > Like having both public and private SSH keys on gluck.d.o? Quite frankly, I'm more surprised and concerned about people keeping their Debian GPG secret key on gluck. This poses serious questions about trusting the developer's technical aptitude and sense of responsibility.

Re: Fundamental flaw in bug reporting system

2006-07-13 Thread Adam McKenna
On Thu, Jul 13, 2006 at 08:44:57PM +0100, Ian Jackson wrote: > I don't think picking a package and comparing bug reports like for > like across two distributions is `anecdotal evidence'. Anecdotal > evidence is statements like `well I tried to submit a bug report and > was discouraged'. Yes, I st

Re:

2006-07-13 Thread Respuesta Automatica
The message sent to the account [EMAIL PROTECTED] has been rejected because it carries attachments with disallowed extensions. Mail System, Facultad de Medicina, Universidad de Buenos Aires, Argentina -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EM

Re: Debian Server restored after Compromise

2006-07-13 Thread Kurt Roeckx
On Thu, Jul 13, 2006 at 10:49:04PM +0200, Andreas Tille wrote: > On Thu, 13 Jul 2006, Bas Zoetekouw wrote: > > >Or maybe only allow pubkey ssh authentication? > > I'd vote for it and I use it since the last break in exclusively. > The only drawback is that the mail interface to db.d.o is > somewh

Re: Debian Server restored after Compromise

2006-07-13 Thread Andreas Tille
On Thu, 13 Jul 2006, Bas Zoetekouw wrote: Or maybe only allow pubkey ssh authentication? I'd vote for it and I use it since the last break in exclusively. The only drawback is that the mail interface to db.d.o is somewhat broken but if more people use it the pressure to fix it might increase.
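"Only allow pubkey ssh authentication" is a one-line change in sshd_config, and the way it usually fails in practice is a second password path left open (keyboard-interactive via PAM, or a later Match block). The audit below is an added example, not code from this thread or from debian-admin; it assumes nothing beyond the text of an sshd_config, and the defaults it falls back to (PasswordAuthentication yes, ChallengeResponseAuthentication yes, PubkeyAuthentication yes, PermitEmptyPasswords no) are OpenSSH's documented ones.

```python
"""Audit an sshd_config for any path that still accepts a password.

Added example, not from the thread. Resolution follows sshd: keywords are
case-insensitive, "Key value" and "Key=value" are both accepted, and for
each keyword the first occurrence in the global section wins. Directives
inside Match blocks are reported separately, because a Match block can
re-enable passwords for a subset of users.
"""
from typing import Dict, List, Tuple

# OpenSSH documented defaults (PermitRootLogin was "yes" in 2006-era releases).
DEFAULTS = {
    "passwordauthentication": "yes",
    "challengeresponseauthentication": "yes",
    "pubkeyauthentication": "yes",
    "permitemptypasswords": "no",
    "permitrootlogin": "yes",
    "usepam": "no",
}

# Directives that open a password path, and the value that closes it.
PASSWORD_PATHS = {
    "passwordauthentication": "no",
    "challengeresponseauthentication": "no",  # PAM keyboard-interactive asks for the Unix password
    "permitemptypasswords": "no",
}


def parse_sshd_config(text: str) -> Tuple[Dict[str, str], List[Tuple[str, Dict[str, str]]]]:
    """Return (effective global settings, [(match criteria, settings), ...])."""
    global_cfg: Dict[str, str] = {}
    match_blocks: List[Tuple[str, Dict[str, str]]] = []
    current = None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()      # drop comments and blank lines
        if not line:
            continue
        parts = line.replace("=", " ", 1).split(None, 1)
        if len(parts) != 2:
            continue
        key, value = parts[0].lower(), parts[1].strip().lower()
        if key == "match":                        # everything below is conditional
            current = (value, {})
            match_blocks.append(current)
            continue
        if current is None:
            global_cfg.setdefault(key, value)     # first occurrence wins, as in sshd
        else:
            current[1].setdefault(key, value)
    effective = dict(DEFAULTS)
    effective.update({k: v for k, v in global_cfg.items() if k in DEFAULTS})
    return effective, match_blocks


def audit(text: str) -> List[str]:
    """List every way a password still gets someone in; empty list means key-only."""
    effective, match_blocks = parse_sshd_config(text)
    findings: List[str] = []
    for key, want in PASSWORD_PATHS.items():
        if effective[key] != want:
            findings.append(f"global: {key} is '{effective[key]}', want '{want}'")
    if effective["pubkeyauthentication"] != "yes":
        findings.append("global: pubkeyauthentication is off, key-only login is impossible")
    if effective["permitrootlogin"] == "yes":
        findings.append("global: permitrootlogin yes lets root in with a password")
    for criteria, block in match_blocks:
        for key, want in PASSWORD_PATHS.items():
            if key in block and block[key] != want:
                findings.append(f"Match {criteria}: {key} is '{block[key]}', want '{want}'")
    return findings


# Constructed configs for illustration.
WEAK_CONFIG = """# distro default: nothing about passwords is set
PermitRootLogin yes
UsePAM yes
"""

HARDENED_CONFIG = """PasswordAuthentication no
ChallengeResponseAuthentication no
PubkeyAuthentication yes
PermitRootLogin without-password
UsePAM yes
"""

if __name__ == "__main__":
    for name, cfg in (("weak", WEAK_CONFIG), ("hardened", HARDENED_CONFIG)):
        print(name, audit(cfg) or "ok: key-only")
```

On a current OpenSSH the same question is answered by `sshd -T`, which prints the effective configuration after all of this resolution; the parser above is for the case where you only have the file, or want to review a change before deploying it.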

Re: Debian Server restored after Compromise

2006-07-13 Thread Aurelien Jarno
Steve Kemp wrote: On Thu, Jul 13, 2006 at 08:18:27PM +0200, Bas Zoetekouw wrote: An investigation of developer passwords revealed a number of weak passwords whose accounts have been locked in response. That's not good. Should we maybe implement a stricter password policy? Or maybe only allo

Re: Fundamental flaw in bug reporting system

2006-07-13 Thread Matt Zimmerman
On Thu, Jul 13, 2006 at 08:45:27PM +0100, Ian Jackson wrote: > Matt Zimmerman writes ("Re: Fundamental flaw in bug reporting system"): > > We want users who don't know how to write a good bug report to become users > > who do, not get discouraged and not contribute at all. > > This idea is based o

Re: Update on compromise of gluck.debian.org, lock down of other debian.org machines

2006-07-13 Thread Martin Zobel-Helas
Hi Henning, On Thu, Jul 13, 2006 at 09:50:49PM +0200, Henning Makholm <[EMAIL PROTECTED]> wrote: > Do we have any easy way of locating all recent uploads signed by a > particular key? IIRC dak stores GPG fingerprint for each upload in projectb. Greetings Martin
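Martin's pointer is to the fingerprints dak records in projectb. When that database is not at hand (or you want an independent check), the same question can be answered from the upload artefacts themselves, since every `.changes` file is signed. The code below is an added example, not dak's code and not a projectb query. It assumes the `.changes` files are on disk and, importantly, that a copy of the keyring from before the keys were removed is available: once a key is gone from the keyring, gpg reports NO_PUBKEY and never prints the fingerprint, so a check run against the cleaned keyring would find nothing.

```python
"""Find uploads signed by a set of keys that are no longer trusted.

Added example, not dak's code. Drives `gpg --status-fd` and matches the
full fingerprint from the VALIDSIG line, which is emitted for any
cryptographically valid signature even when the key is expired or revoked.
GOODSIG only carries a key id, which is not unique enough to act on.
"""
import subprocess
from dataclasses import dataclass
from typing import Iterable, List, Optional, Set


@dataclass
class SigInfo:
    status: str = "NO_SIG"              # GOODSIG, EXPKEYSIG, REVKEYSIG, BADSIG, ERRSIG, NO_PUBKEY
    fingerprint: Optional[str] = None   # key that made the signature (may be a subkey)
    primary_fpr: Optional[str] = None   # primary key fingerprint, when gpg reports it
    timestamp: Optional[int] = None     # signature creation time, epoch seconds


def parse_gpg_status(status_text: str) -> SigInfo:
    """Parse the status-fd stream of one `gpg --verify` run."""
    info = SigInfo()
    for raw in status_text.splitlines():
        if not raw.startswith("[GNUPG:] "):
            continue
        parts = raw.split()
        tag = parts[1]
        # VALIDSIG <fpr> <date> <timestamp> <expire> <ver> <reserved> <pkalgo> <hashalgo> <class> [<primary fpr>]
        if tag == "VALIDSIG" and len(parts) >= 5:
            info.fingerprint = parts[2].upper()
            info.timestamp = int(parts[4])
            if len(parts) >= 12:
                info.primary_fpr = parts[11].upper()
        elif tag in ("GOODSIG", "EXPKEYSIG", "REVKEYSIG", "BADSIG", "ERRSIG", "NO_PUBKEY"):
            info.status = tag
    return info


def signed_by(info: SigInfo, fingerprints: Set[str], since: int = 0) -> bool:
    """True if one of `fingerprints` (signing subkey or primary) made the
    signature at or after `since`. Key state (expired, revoked) is ignored on
    purpose: a signature from a compromised key is what we are hunting for."""
    wanted = {f.replace(" ", "").upper() for f in fingerprints}
    seen = {f for f in (info.fingerprint, info.primary_fpr) if f}
    if not seen & wanted:
        return False
    return info.timestamp is None or info.timestamp >= since


def gpg_status(path: str, keyring: Optional[str] = None) -> str:
    """Run gpg on one signed file and return its status-fd stream (stdout)."""
    cmd = ["gpg", "--batch", "--status-fd", "1", "--verify", path]
    if keyring:  # a pre-cleanup keyring, so the removed keys are still resolvable
        cmd[1:1] = ["--no-default-keyring", "--keyring", keyring]
    return subprocess.run(cmd, capture_output=True, text=True).stdout


def flag_uploads(changes: Iterable[str], fingerprints: Set[str],
                 since: int = 0, keyring: Optional[str] = None) -> List[str]:
    """Paths of .changes files signed by any of the given keys since `since`."""
    return [p for p in changes
            if signed_by(parse_gpg_status(gpg_status(p, keyring)), fingerprints, since)]


# Constructed status output; the fingerprint and key id are not real Debian keys.
SAMPLE_GOOD = """[GNUPG:] NEWSIG
[GNUPG:] GOODSIG 89ABCDEF01234567 Example Developer <dev@example.org>
[GNUPG:] VALIDSIG 0123456789ABCDEF0123456789ABCDEF01234567 2006-07-12 1152662400 0 4 0 17 2 00 0123456789ABCDEF0123456789ABCDEF01234567
[GNUPG:] TRUST_ULTIMATE
"""

SAMPLE_NO_PUBKEY = """[GNUPG:] NEWSIG
[GNUPG:] ERRSIG 89ABCDEF01234567 17 2 00 1152662400 9
[GNUPG:] NO_PUBKEY 89ABCDEF01234567
"""

if __name__ == "__main__":
    suspect = {"0123 4567 89AB CDEF 0123 4567 89AB CDEF 0123 4567"}
    print(signed_by(parse_gpg_status(SAMPLE_GOOD), suspect, since=1152000000))
    print(signed_by(parse_gpg_status(SAMPLE_NO_PUBKEY), suspect))
```

The `since` cut-off is the date of the first compromised login, as Frans suggested, and the second sample shows the failure mode of running this against a keyring the keys have already been removed from: the signature cannot be attributed at all.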

Re: Debian Server restored after Compromise

2006-07-13 Thread Steve Kemp
On Thu, Jul 13, 2006 at 08:18:27PM +0200, Bas Zoetekouw wrote: > > An investigation of developer passwords revealed a number of weak > > passwords whose accounts have been locked in response. > > That's not good. > Should we maybe implement a stricter password policy? Or maybe only > allow pub

Re: Update on compromise of gluck.debian.org, lock down of other debian.org machines

2006-07-13 Thread Gustavo Franco
On 7/13/06, Henning Makholm <[EMAIL PROTECTED]> wrote: Scripsit Frans Pop <[EMAIL PROTECTED]> > Should a check/review be done of recent (starting from the date that first > account was compromised I would guess) uploads where those keys were used > (even if only by the involved DDs themselves)?

Re: Update on compromise of gluck.debian.org, lock down of other debian.org machines

2006-07-13 Thread Henning Makholm
Scripsit Frans Pop <[EMAIL PROTECTED]> > Should a check/review be done of recent (starting from the date that first > account was compromised I would guess) uploads where those keys were used > (even if only by the involved DDs themselves)? Do we have any easy way of locating all recent uploads

Re: Fundamental flaw in bug reporting system

2006-07-13 Thread Ian Jackson
Matt Zimmerman writes ("Re: Fundamental flaw in bug reporting system"): > We want users who don't know how to write a good bug report to become users > who do, not get discouraged and not contribute at all. This idea is based on the misapprehension that we are short of bug reports, and (I'm sorry

Re: Fundamental flaw in bug reporting system

2006-07-13 Thread Ian Jackson
Adam McKenna writes ("Re: Fundamental flaw in bug reporting system"): > On Tue, Jul 11, 2006 at 05:16:52PM +0100, Ian Jackson wrote: > > It works because it acts as a filter. Ability and willingness to > > write a good bug report are correlated pretty strongly with ability > > and willingness to r

Re: Update on compromise of gluck.debian.org, lock down of other debian.org machines

2006-07-13 Thread Holger Levsen
Hi, On Thursday 13 July 2006 20:24, Martin Zobel-Helas wrote: > Hi James and all the others, > > thanks for your great work and taking care of all our debian.org > machines. You do an excellent job. Full ack. Also I'm pretty much impressed about the timely and quite verbose information on -news a

Re: Update on compromise of gluck.debian.org, lock down of other debian.org machines

2006-07-13 Thread Frans Pop
On Thursday 13 July 2006 20:08, James Troup wrote: > o Anyone who kept their (Debian) GPG secret key on gluck has had > their account locked and key removed from the keyring. Should a check/review be done of recent (starting from the date that first account was compromised I would guess) uploa

Re: Debian Server restored after Compromise

2006-07-13 Thread Gustavo Franco
On 7/13/06, Bas Zoetekouw <[EMAIL PROTECTED]> wrote: Hi Martin! You wrote: > Debian Server restored after Compromise Kudos to debian-admin for sorting out the situation so quickly! Yes! > An investigation of developer passwords revealed a number of weak > passwords whose accounts have bee

Re: Debian Server restored after Compromise

2006-07-13 Thread Bas Zoetekouw
Hi Martin! You wrote: > Debian Server restored after Compromise Kudos to debian-admin for sorting out the situation so quickly! > An investigation of developer passwords revealed a number of weak > passwords whose accounts have been locked in response. That's not good. Should we maybe implem

Re: Update on compromise of gluck.debian.org, lock down of other debian.org machines

2006-07-13 Thread Martin Zobel-Helas
Hi James and all the others, thanks for your great work and taking care of all our debian.org machines. You do an excellent job. Greetings Martin

Update on compromise of gluck.debian.org, lock down of other debian.org machines

2006-07-13 Thread James Troup
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, To any press/general public type folks who might be reading this: this mail is mostly aimed at developers - you might want to read Joey's post[1] on debian-news instead.