Hi, I need a reality check, as it's unclear to me what are the goals of this discussion.
Does anyone involved plan to work on improving things, and then we're discussing where it would be best to focus their energy? If that's the case, then I suggest we try to design solutions with baby steps that can realistically be implemented on the short term. Or is the goal simply to assess the security of our current infrastructure in various threat models? If that's the case, then how about clearly writing these threat models so that we can then reason on the same basis? Or is the goal something entirely different that I missed? Cheers, -- intrigeri | GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc | OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc -- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/85k3k0tuv2....@boum.org