On Thu, 4 Nov 2004, Peter Jones wrote: > On Thu, 2004-11-04 at 11:33 +0100, Nils Philippsen wrote: > > On Mon, 2004-11-01 at 18:50 -0500, Peter Jones wrote: > > > On Mon, 2004-11-01 at 17:34 -0600, Satish Balay wrote: > > > > Ok - you & Seth seem to have a solution to the problem. > > > > > > > > Still no good explanation why ALL keys should be treated the same. > > > > > > Because there's nothing about a key that tells you how to treat it. > > > > Exactly. There's where "common sense" comes into play, i.e. I shouldn't > > enable Rawhide repositories if a broken system makes me cry. > > We're not just talking about rawhide. We're talking about Axil's repo, > and Matthais's repo, and the cdparanoia repo on my people.redhat.com > site, and the repo on Seth's website. > > There is no common sense answer to "I have 40 keys signing things and > none of them specify what the signature means". > > Quit thinking that we're talking about one key. We're talking about > many. These are arguments for 'a better key-management-policy' infrastructure. There is no argument here about keeping 'rawhide' unsigned. Satish