On Tue, 2014-08-19 at 10:07 -0400, Miloslav Trmač wrote:
That’s the right thing to do of course, but leaves the users with an
unusable system in the mean time. Could the update description at
least generally point to how to work around this if the certificate
owner is not (sufficiently quickly) responsive?
I'd expect that users would be blocked from using just one application,
or from connecting to just a few servers - but should be able to connect
to the majority of the Internet just fine.
Can you think of scenarios, where a system is mostly unusable?
A general workaround is to downgrade to the previous package version, do
you think we need to state that explicitly in the update description?