On Wed, 2007-08-22 at 14:11 -0400, Jesse Keating wrote: > On Wed, 22 Aug 2007 14:02:47 -0400 > David Zeuthen <davidz@xxxxxxxxxx> wrote: > > > To me, that's totally not what Colin is suggesting. In fact, there are > > things in his mail that actually suggests to *improve* security such > > as replacing, IMO, useless dialogs like "Import this GPG key: > > <hexnumber>" to something more useful (his proposal about timeouts). > > See also my other mail about asking better questions like "Import > > this GPG key: <hexnumber>". > > I got from it that he just wants to do away with the question > entirely. I'm having a hard time figuring out where you guys want to > go. In one hand you say you don't want dialogs at all that ask people > to think or even respond, it just does things. On the other you say as > soon as you allow installing software that is outside of the repos we > ship, the jig is up and we shouldn't care about any sort of security > form that point on. I'm lost :( That's not how I read the thread. Basically - We should include Fedora GPG keys by default. See https://www.redhat.com/archives/fedora-desktop-list/2007-August/msg00285.html why this is a good idea. - Have some dialogs that are actually *useful* when you try to install software that comes from outside Fedora. See https://www.redhat.com/archives/fedora-desktop-list/2007-August/msg00274.html https://www.redhat.com/archives/fedora-desktop-list/2007-August/msg00279.html for some ideas. Is it more clear now? David -- Fedora-desktop-list mailing list Fedora-desktop-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-desktop-list