On 06/11/2011 11:06 AM, Eric Richie wrote: > It's always something... > > I'd really prefer that we had an actual fix if at all possible. I don't want > to > see us get into a situation where we go back to the old method, only to have > that fall apart next week and need to rush another release to fix the fix.
I agree entirely. See below. > John, do you guys know anything about this yet? Is it related to the agreement > signing? I suspect the fact that our key hasn't been blacklisted yet is due to the fact that Ivan was actively speaking with someone at ICQ. I could be mistaken, though. > > As much as I hate to say it, this is one of the few situations where we should > hold 1.4.2 again until we know more about what's going on. If we find out that > it's temporary and will require no changes on our part, we'll move forward. If > it requires a fix, I think we should try to do so prior to release. If you need a temporary fix, I'd say use one of the official clients' keys. It's going to be difficult for them to invalidate those keys without hurting their own users, and it'd still be a cat-and-mouse game where all we'd have to do is simply keep copying their new keys. John
signature.asc
Description: OpenPGP digital signature
