On Wed, 17 Dec 2014 21:32:26 -0600 Drake Wilson <drake@xxxxxxxxxxxxxx> wrote: > Doug Newgard wrote: > > LOL, are you serious? Do you know how long Arch operated without > > package signing? You now expect users to panic? > > That's actually why I didn't run Arch before despite liking a lot of > the philosophy. The big sticking point. The only real reason. That's fine, but we haven't gone back to the days of no signing. This entire thread is about the possibility that a vulnerability *could* exist. Not that one does, but that there's some possibility that it could happen. Blowing this way out of proportion. To suggest that users panic because of the possibility of an unknown vulnerability seems ludicrous.
