[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: ELPA security
From: |
Stephen J. Turnbull |
Subject: |
Re: ELPA security |
Date: |
Tue, 18 Jun 2013 00:54:32 +0900 |
Ted Zlatanov writes:
> I'd rather not build a certificate infrastructure ourselves.
I have no problem with that.
> CRLs are especially tricky. Trusting a maintainer signature at the
> archive level and verifying it for each package when it's
> downloaded seems like a good compromise for Emacs.
Then there's no need for a signed or unsigned list.
- Re: ELPA security, Ted Zlatanov, 2013/06/16
- Re: ELPA security, Ted Zlatanov, 2013/06/17
- Re: ELPA security, Ted Zlatanov, 2013/06/19
- Re: ELPA security, Stefan Monnier, 2013/06/19
- Re: ELPA security, Ted Zlatanov, 2013/06/23
- Re: ELPA security, Stefan Monnier, 2013/06/23
- Re: ELPA security, Ted Zlatanov, 2013/06/28
- Re: ELPA security, Nic Ferrier, 2013/06/28
- Re: ELPA security, Stefan Monnier, 2013/06/28