Adam Jackson <a...@redhat.com> writes: > For the same reason Firefox doesn't automatically accept self-signed SSL > certs, and the same reason that ssh doesn't automatically accept new > host keys: it'd be creating trust from thin air.
I trust my hardware, I trust my firmware, I trust my install medium. That is not trust from thin air; the hardware is unlikely to be compromised and I verify the install medium. I cannot completely rule out firmware compromise, but if I have been hit by that I am owned already and likely will stay owned for years. I don't trust random mirrors on the Internet. Yet Anaconda somehow does. Despite the fact that it could easily grab the key off the trusted install medium and check the signatures. /Benny -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
