[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: ELPA security
|
From: |
Stephen J. Turnbull |
|
Subject: |
Re: ELPA security |
|
Date: |
Mon, 07 Jan 2013 16:12:59 +0900 |
Jambunathan K writes:
> May be the idea is too ahead for it's time. I wonder whether another
> "serious" distributor like GNU ELPA sprouts forth.
Seems unlikely to me. Why have more than one? I suppose that Red Hat
might redistribute GNU ELPA, but I would imagine they would rely on
the GNU ELPA signatures. Ditto Debian and Ubuntu.
> Is XEmacs a contender here, I don't know.
No. There is provision for signing our packages in our package
infrastructure, but currently they aren't signed, and the
functionality is probably pretty bitrotted. It was way too much
hassle for most users the last time we tried. Even Steve Baur, a
pretty paranoid dude, never advocated mandatory signature checking.
I imagine the state of the art has improved for PKI, and the situation
deteriorated in terms of the risks of cracking, so we may want to
reconsider.
Steve
- Re: ELPA security, Achim Gratz, 2013/01/05
- Re: ELPA security, Ted Zlatanov, 2013/01/06
- Re: ELPA security, Paul Nathan, 2013/01/07
- Re: ELPA security, Jambunathan K, 2013/01/07
- Re: ELPA security, Paul Nathan, 2013/01/07
- Re: ELPA security, Jambunathan K, 2013/01/07
- Re: ELPA security, Paul Nathan, 2013/01/07
- Re: ELPA security,
Stephen J. Turnbull <=
- Re: ELPA security, chad, 2013/01/07
- Re: ELPA security, Ted Zlatanov, 2013/01/07
- Re: ELPA security, Stephen J. Turnbull, 2013/01/07
- Re: ELPA security, Ted Zlatanov, 2013/01/07
- Re: ELPA security, Ted Zlatanov, 2013/01/07
- Re: ELPA security, Stefan Monnier, 2013/01/07
- Re: ELPA security, Ted Zlatanov, 2013/01/08
- Re: ELPA security, Stefan Monnier, 2013/01/08
- Re: ELPA security, Ted Zlatanov, 2013/01/08
- Re: ELPA security, Stefan Monnier, 2013/01/08