On 11/20/2009 01:36 AM, Mohan R wrote: > Rahul Sundaram wrote: >> On 11/20/2009 01:02 AM, Mohan R wrote: >> >>> Even the Fedora administrator's SSH key can be >>> compromised/stolen/whatever, how can you guys put weight on >>> package-signatures and dropped privileges to install apps? >> >> SSH Key != GPG key. Packages are signed with GPG key. Anyway it wasn't >> my decision and lot of us including me don't agree this is the right >> process to follow. So let's not pain broad brushes. Alright? > > I'm sure it will be alright. Also I know SSH Key != GPG, I asked that > fedora already came across an event that modified its package's GPG key > through an admin's SSH key, then how the team decided to go for this > kind of decision.
Err, "the team" didn't. PackageKit isn't Fedora specific. You seem to be assuming that there is a monolithic entity working on changes. That is far from the case. There are thousands of developers working on various things. Today, the Fedora Engineering team will meet on IRC and make a decision on the right path forward. That would be a team decision. Rahul _______________________________________________ To unsubscribe, email [email protected] with "unsubscribe <password> <address>" in the subject or body of the message. http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
