* Christoph Anton Mitterer <cales...@scientia.net> [141030 05:10]: > To be honest, it's really awkward to see how much all this is apparently > fought against.
You have been told again and again that what you suggest would make the whole thing less useable to the point that it reduces security for many people. You have been told that your thread model is quite strange, in that you assume that people will - not only notice every MITM with too old a signature even though you suggest to change the system so that this will cause far more false positives, - but will also investigate every short network or mirror problem so that the far easier MITM of making the security mirrors inaccessible (which your suggested 'improvement' does nothing against) is not possible, - but are not able to notice if there are no security updates applied. What do you expect? That people on the list think it is a good idea to do what in their eyes only lowers Debian's security just because someone continues to claim the opposite? Please take a step back and try to understand why people think this will not help (It is not because they do not believe in evil resourceful governments). This should make it easier to either have arguments that persuage people or even better lead to solutions that improve the situation more generally (I'm quite sure the are aspects that can be improved, just that lowering Valid-Until times is detrimental). Bernhard R. Link -- F8AC 04D5 0B9B 064B 3383 C3DA AFFC 96D1 151D FFDC -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20141031114804.gb1...@client.brlink.eu