-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi Dimi,
Why remove the verification of the code's gpg signature? It seems to break a basic security maxim: don't trust the network. On Thursday 10 June 2004 22:48, Dimitrie O. Paun wrote: > ChangeLog > Do not include irrelevant stuff in the _history. > Do not instruct the client to verify the .sig, > it's a b0rken idea anyway. - -- Paul Millar -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) iD8DBQFAybhq/9JwS78PA+kRAuv/AJ9Ulntb1MLGn+2gp8r/qpy6VqJDVACePwVB VXxAHr9gaBuMhIJ7P81ahMA= =0tkh -----END PGP SIGNATURE-----
