On Fri, Nov 09, 2007 at 08:00:15PM -0600, Raphael Geissert wrote:
> Steve McIntyre wrote:
> > That's all well and good, but the buildds also depend on using
> > packages from (for example) incoming, which it is not feasible to
> > sign.
>
> Even though incoming is not signed, packages require a valid DD/similar
> signature to be there.
> What I worry about is having a mirror or even the main archive compromised,
> because buildds won't have a chance to possibly stop the attack because
> signatures aren't verified.

Won't somebody else stop the attack in their place then, who does check the signatures?

Michael