Re: non-disclosure of infrastructure problem a management issue?

• To: For users of Fedora <fedora-list@xxxxxxxxxx>
• Subject: Re: non-disclosure of infrastructure problem a management issue?
• From: Alan Cox <alan@xxxxxxxxxxxxxxxxxxx>
• Date: Thu, 21 Aug 2008 13:56:42 +0100
• Cc: michaeljgruber+gmane@xxxxxxxxxxx
• In-reply-to: <g8jo18$di3$1@xxxxxxxxxxxxx>
• Organization: Red Hat UK Cyf., Amberley Place, 107-111 Peascod Street, Windsor, Berkshire, SL4 1TE, Y Deyrnas Gyfunol. Cofrestrwyd yng Nghymru a Lloegr o'r rhif cofrestru 3798903
• References: <48AD2F95.2060200@xxxxxxxxx> <g8jo18$di3$1@xxxxxxxxxxxxx>
• Reply-to: For users of Fedora <fedora-list@xxxxxxxxxx>

> If there is an issue severe enough which warrants stopping updates
> (which indicates that rpm signing keys have been compromised) why should
> we trust those fingerprints and servers?

Because you have no other basis of trust at all if you don't believe the
master keys ?

Or you set up a new infrastructure and create the 'provisional fedora
project' or whatever.

-- 
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list

• Follow-Ups:
  • Re: non-disclosure of infrastructure problem a management issue?
    • From: Michael J Gruber

• References:
  • non-disclosure of infrastructure problem a management issue?
    • From: Bjoern Tore Sund
  • Re: non-disclosure of infrastructure problem a management issue?
    • From: Michael J Gruber

• Prev by Date: Re: Signing for fedora-announce with fedora-list (was Infrastructure status, 2008-08-16 UTC 1530)
• Next by Date: Re: non-disclosure of infrastructure problem a management issue?
• Previous by thread: Re: non-disclosure of infrastructure problem a management issue?
• Next by thread: Re: non-disclosure of infrastructure problem a management issue?
• Index(es):
  • Date
  • Thread