Re: Should Fedora rpms be signed?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 




On Mon, 1 Nov 2004, Jeff Spaleta wrote:

> On Mon, 1 Nov 2004 12:58:22 -0600 (CST), Satish Balay <balay@xxxxxxxxxxx> wrote:

> > No confusion here either - as rawhide packages are never mistaken for
> > erratum packages.
> 
> really? noone ever mistakes a package from rawhide as a consumable package?
> really? no one ever does a random search for a package from an online
> rpm warehouse and finds a package meant as a piece of rawhide and not
> as a consumable update?
> really? no one ever takes packages from the rawhide tree and mixes
> them with updates and creates a homebrew repository that other users
> will be using?
> 
> i think you need to spend more time in general purpose community
> forums and watch how often the less informed are confused about what
> rawhide/development packages are meant for.  Everyone in this
> conversation is in the 1% tail of the distribution of clue in the
> userbase.  Arguing that you are not confused is sort of pointless.  I
> see people confused by what rawhide is, every single day.

Ok the wording of my statement is wrong. (given any tool you'll find
somenoe who'll use it incorrectly - and break it (or break something
else)

But unless you are saing: somehow the current non-gpg-signed packages
are preventing such folks from doing the wrong things (listed above) -
and 'gpg-singing' encourages them to do them - your text adds no
substance to the discussion.

Satish


[Index of Archives]     [Fedora Desktop]     [Fedora SELinux]     [Photo Sharing]     [Yosemite Forum]     [KDE Users]