Hi Dne Mon, 28 Jun 2010 12:57:22 +0200 Pietro Battiston <m...@pietrobattiston.it> napsal(a):
> Il giorno lun, 28/06/2010 alle 11.44 +0200, Michal Čihař ha scritto: > > [...] I > > just did not expect somebody would add DMUA while not being DM ... > > lesson learned. > > > > Just curiosity, but... which lesson? Because I should check it more carefully. > I mean: couldn't a DD say "I trust you for this package but you're still > not DM - I set the flag so it's useful in case you become it"?! > Is the problem that it's unsecure to trust an email address which key is > still not "officially known" to Debian? I think the biggest problem is that it is confusing - eg. PTS shows this information and make people think there is no need to sponsor this package (like it happened now). -- Michal Čihař | http://cihar.com | http://blog.cihar.com
signature.asc
Description: PGP signature