[ re-adding Isaac to CC ]

On Thu, 2003-08-21 at 15:33, Matt Zimmerman wrote:
> I would say that by default, it should go ahead and use the unsecured
> sources, but display a warning to the user. This is a change from "expect
> security only when explicitly requested" and "expect security by default".
> Because most software does (and will continue to) come from Debian proper,
> and thus will be signed, unofficial repositories will become the exceptional
> case, and I think this strategy can work.

Ok. Aj, do you agree? There is something nagging me about this - I have a feeling that there was a better reason we decided to put the source name in the sources.list, but after briefly going over my apt-secure mail I don't see it.

> A force option could be provided, but I think it would be better to make it
> a no-brainer for a source to be secured.

I agree with that.

> I think that per-release keys make more sense than per-year keys for this
> reason.

Ok - you will have to convince the ftpmasters too.

Just a note: I don't think I'll have much time to implement these changes until late next week at the earliest. Probably later than that actually. So if you beat me to it, that's great :)

Your changes will make the code significantly simpler, by the way. Mostly the work will be deleting code. In fact it will almost be like just adding the gpgv method.

