-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi all,
Internews is funding a short-term consultant to support Qubes OS
development. The BASICS Specialist in Issue and Code Management is a
remote, three-month, part-time contract. Please see the following link
for details:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On Sun, Jul 26, 2020 at 09:03:35PM -0400, Demi M. Obenour wrote:
> On 2020-07-26 20:31, Marek Marczykowski-Górecki wrote:
> > On Sun, Jul 26, 2020 at 06:59:02PM -0400, Demi M. Obenour wrote:
> >> When looking at recent posts about template managers,
On 2020-07-26 20:31, Marek Marczykowski-Górecki wrote:
> On Sun, Jul 26, 2020 at 06:59:02PM -0400, Demi M. Obenour wrote:
>> When looking at recent posts about template managers, two points came to
>> mind:
>
>> ### Metadata Signing
>
>> Signing metadata would be awesome. Control over the repo
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On Sun, Jul 26, 2020 at 06:59:02PM -0400, Demi M. Obenour wrote:
> When looking at recent posts about template managers, two points came to mind:
>
> ### Metadata Signing
>
> Signing metadata would be awesome. Control over the repo listing
>
When looking at recent posts about template managers, two points came to mind:
### Metadata Signing
Signing metadata would be awesome. Control over the repo listing
allows delaying updates without being detected, and also allows for
social engineering attacks. Debian manages to sign its
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On Sun, Jul 26, 2020 at 11:12:14PM +0200, Wojtek Porczyk wrote:
> On Sat, Jul 25, 2020 at 10:46:40AM +, WillyPillow wrote:
> > On Saturday, July 25, 2020 12:18 AM, Wojtek Porczyk
> > wrote:
> > > On Thu, Jul 23, 2020 at 05:45:56PM +,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On Sat, Jul 25, 2020 at 10:46:40AM +, WillyPillow wrote:
> On Saturday, July 25, 2020 12:18 AM, Wojtek Porczyk
> wrote:
> > On Thu, Jul 23, 2020 at 05:45:56PM +, WillyPillow wrote:
> >
>
> > > One issue is that from the qrexec client
