On Thu, 4 Nov 2004, Peter Jones wrote:
On Thu, 2004-11-04 at 11:33 +0100, Nils Philippsen wrote:
On Mon, 2004-11-01 at 18:50 -0500, Peter Jones wrote:
On Mon, 2004-11-01 at 17:34 -0600, Satish Balay wrote:
Ok - you & Seth seem to have a solution to the problem.
Still no good explanation why ALL keys should be treated the same.
Because there's nothing about a key that tells you how to treat it.
Exactly. There's where "common sense" comes into play, i.e. I shouldn't enable Rawhide repositories if a broken system makes me cry.
We're not just talking about rawhide. We're talking about Axil's repo, and Matthais's repo, and the cdparanoia repo on my people.redhat.com site, and the repo on Seth's website.
There is no common sense answer to "I have 40 keys signing things and none of them specify what the signature means".
Quit thinking that we're talking about one key. We're talking about many.
These are arguments for 'a better key-management-policy' infrastructure. There is no argument here about keeping 'rawhide' unsigned.
Satish