On 04/03/2013 10:58 PM, Laurens Van Houtven wrote:
> Is the accidental corruption thing a real risk? I thought that was the
> point of, say, TCP checksums :) Perhaps I'm just mistaken as to how
> often his happens in the wild...
TCP checksums absolutely can and do fail to protect you from in-flig
Le 03/04/2013 23:55, Glyph a écrit :
>
> On Apr 3, 2013, at 9:14 AM, Thomas Hervé wrote:
>
>> Hey everyone,
>>
>> During the latest release process, I was left with several things to
>> clarify, so now that it's done I think it's time:
>>
>> * We started building wheels for Windows. What do we d
On 10:18 am, the...@free.fr wrote:
>Le 03/04/2013 23:55, Glyph a écrit :
>>
>>On Apr 3, 2013, at 9:14 AM, Thomas Hervé wrote:
>>>* Glyph mumbled something about sha sums of the release files,
>>>instead
>>>of md5. Should we pursue that? We may need to update some trac
>>>integration code.
>>
>>We
Le 04/04/2013 13:14, exar...@twistedmatrix.com a écrit :
> On 10:18 am, the...@free.fr wrote:
>> OK. I've opened http://pad.lv/1164403 for the required changes in our
>> tool. I'll update the release document once that's done.
>
> Hm. As far as the download/release trac macro goes, the purpose of
On 04:00 pm, the...@free.fr wrote:
>Le 04/04/2013 13:14, exar...@twistedmatrix.com a écrit :
>>On 10:18 am, the...@free.fr wrote:
>>>OK. I've opened http://pad.lv/1164403 for the required changes in our
>>>tool. I'll update the release document once that's done.
>>
>>Hm. As far as the download/rel
On Wed, Apr 3, 2013 at 6:11 AM, Thomas Hervé wrote:
> On behalf of Twisted Matrix Laboratories, I am pleased to announce the
> release of Twisted 13.0.
>
> Among the 70 tickets closed, we can see:
>
> * A new "Introduction to Deferreds" document that you can find here:
> http://twistedmatrix.com
On Thu, Apr 4, 2013 at 12:04 AM, Glyph wrote:
> Security-wise, signing an actually-secure hash is not that much different
> than signing the tarballs themselves. Signing MD5 hashes, on the other
> hand, is useless as a security measure.
>
> I think we should carry on with signing the list of sig
On Apr 4, 2013, at 9:53 AM, exar...@twistedmatrix.com wrote:
> On 04:00 pm, the...@free.fr wrote:
>> Le 04/04/2013 13:14, exar...@twistedmatrix.com a écrit :
>>> On 10:18 am, the...@free.fr wrote:
OK. I've opened http://pad.lv/1164403 for the required changes in our
tool. I'll update th
On Apr 4, 2013, at 11:15 AM, Tristan Seligmann wrote:
> In fact, I believe there is no such thing as "signing the whole binary blob".
> When you use something like gpg --sign, what is actually signed with a public
> key signature algorithm is a hash of the content anyway. Thus, assuming you
>
On Thu, Apr 4, 2013 at 8:15 PM, Tristan Seligmann
wrote:
> In fact, I believe there is no such thing as "signing the whole binary
> blob". When you use something like gpg --sign, what is actually signed with
> a public key signature algorithm is a hash of the content anyway. Thus,
> assuming you u
10 matches
Mail list logo
