[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#61277: FR: ELPA security - Restrict package builds to signed git com
From: |
Richard Stallman |
Subject: |
bug#61277: FR: ELPA security - Restrict package builds to signed git commits |
Date: |
Wed, 15 Feb 2023 00:17:14 -0500 |
[[[ To any NSA and FBI agents reading my email: please consider ]]]
[[[ whether defending the US Constitution against all enemies, ]]]
[[[ foreign or domestic, requires you to follow Snowden's example. ]]]
> > > In the case of a breach,
> >
> > Breach of precisely what? To think about this issue
> > requires an answer to that question.
> The idea is that the likelihood of both an SSH and a PGP key getting
> stolen at the same time is lower than either one of them getting stolen
> separately.
That seems plausible to me, but we are miscommunicating.
You're discussing the "how" of a possible breach,
but what I really need to know is the "what".
What is being breached? What is the context here?
--
Dr Richard Stallman (https://stallman.org)
Chief GNUisance of the GNU Project (https://gnu.org)
Founder, Free Software Foundation (https://fsf.org)
Internet Hall-of-Famer (https://internethalloffame.org)
- bug#61277: FR: ELPA security - Restrict package builds to signed git commits, (continued)
- bug#61277: FR: ELPA security - Restrict package builds to signed git commits, Eli Zaretskii, 2023/02/07
- bug#61277: FR: ELPA security - Restrict package builds to signed git commits, Stefan Kangas, 2023/02/12
- bug#61277: FR: ELPA security - Restrict package builds to signed git commits,
Richard Stallman <=
- bug#61277: FR: ELPA security - Restrict package builds to signed git commits, Stefan Kangas, 2023/02/15
- bug#61277: FR: ELPA security - Restrict package builds to signed git commits, Stefan Monnier, 2023/02/15
- bug#61277: FR: ELPA security - Restrict package builds to signed git commits, Richard Stallman, 2023/02/25