On Wed, 22 Aug 2007 14:02:47 -0400
David Zeuthen <davidz(a)redhat.com> wrote:
To me, that's totally not what Colin is suggesting. In fact,
there are
things in his mail that actually suggests to *improve* security such
as replacing, IMO, useless dialogs like "Import this GPG key:
<hexnumber>" to something more useful (his proposal about timeouts).
See also my other mail about asking better questions like "Import
this GPG key: <hexnumber>".
I got from it that he just wants to do away with the question
entirely. I'm having a hard time figuring out where you guys want to
go. In one hand you say you don't want dialogs at all that ask people
to think or even respond, it just does things. On the other you say as
soon as you allow installing software that is outside of the repos we
ship, the jig is up and we shouldn't care about any sort of security
form that point on. I'm lost :(
--
Jesse Keating
Fedora -- All my bits are free, are yours?