On Sat, Apr 01, 2000 at 03:18:17PM -0700, Jason Gunthorpe wrote: > > Now link 2. It is currently absent. What you seem to suggest is to add a key > > (dinstall-key) here, so the user can verify the archive. This adds a point > > of weakness. As the dinstall key can't be used automatically and kept > > "truly"[1] > > How about this, if someone was able to hack master to the point of being > able to get the dinstall key, I assure you they would be able to hack > some]weak developer machine and lift their key too.
This is a seperate problem. I agree that this should not be the case, but it has no place in this discussion. If individual developer keys are compromised, we have a problem no matter what. Developers should not store secret keys on net connected machines, point. However, this only affects the developers packages, not the whole archive. > I also assert that the > chance of a hacker getting the security key is lower than say 50% of the > keys in our keyring. I would not make such claims. In any way, see above. Thanks, Marcus -- `Rhubarb is no Egyptian god.' Debian http://www.debian.org Check Key server Marcus Brinkmann GNU http://www.gnu.org for public PGP Key [EMAIL PROTECTED], [EMAIL PROTECTED] PGP Key ID 36E7CD09 http://homepage.ruhr-uni-bochum.de/Marcus.Brinkmann/ [EMAIL PROTECTED]