Henrique de Moraes Holschuh <[EMAIL PROTECTED]> wrote: > > - Eliminate the wait for the buildd for the first architecture. > > Not acceptable.
Rather, you would not find that acceptable. > It will cause a time window where a trojaned binary package > might be active, True. > and since it would later have a new clean one replacing it, > it would be even worse to detect the problem. > > If you are to replace the uploaded binary debs with ones rebuilt from > source, do it right: do not install the "untrusted" binary debs to the > archive anywhere, and don't let them get to incoming.d.o, either. I would rather that Debian offered users the choice of a more timely binary compiled by the DD or a later binary compiled by a buildd. >> - Allow an automated comparison of the two .debs. > >This is worth doing, but difficult to get right. Having both versions available would help in diagnosing any differences, especially while the comparison utility was still being tuned. - Jim Van Zandt -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]