-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 > Considering that this is a security-related system catalog update, is > there any way of providing some sort of signature for a message like > this such that the community can feel that issuing some arcane commands > as a superuser won't open a hole rather than close one? An excellent point. Ideally someone (Tom) would be using GnuPG to sign important messages like this with a digital signature. However, there are a few checks one could do until that happens. One, compare his headers with previous ones. Second, check the page at www.postgresql.org for a matching announcement. Third, wait five minutes for the real Tom Lane to denounce any fake email sent in his name. :) If it makes you feel better, I'm 100% sure that was a legitimate email, and I am going to sign this. :) - -- Greg Sabino Mullane greg@xxxxxxxxxxxx PGP Key: 0x14964AC8 200505040739 http://biglumber.com/x/web?pk=2529DF6AB8F79407E94445B4BC9B906714964AC8 -----BEGIN PGP SIGNATURE----- iD8DBQFCeLTwvJuQZxSWSsgRAtACAKDvyylXy1MliqSs8Jsoz7XicXmBagCgoprg qKPTIVv55E3ne19OGvtOTHM= =IFvp -----END PGP SIGNATURE-----
