package (tinyca2) not longer present in F15, what to do about it?
Patrick O'Callaghan
pocallaghan at gmail.com
Wed Aug 10 11:49:55 UTC 2011
On Wed, 2011-08-10 at 20:30 +0930, Tim wrote:
> On Wed, 2011-08-10 at 11:10 +0200, J.Witvliet at mindef.nl wrote:
> > Specially with any package that is somehow related to security it
> > would be comforting to be assured that at least some people take the
> > trouble to have a look at it. The fact that without any changes it
> > still works after all these years would not be enough for something
> > like a CA.
>
> Obvious question: Have there been any bug reports for it, or no real
> complaints? (I mean faults, not reports about lack of new versions.)
Obvious answer: if there haven't been, does that mean that there are no
bugs or that not enough people are testing it? Testing security software
is not for the faint of heart and very often the failure mode is to look
like everything is working when in fact it's leaking information.
And if there were bugs, who would fix them?
poc
More information about the users
mailing list