Infrastructure report, 2008-08-22 UTC 1200
Miles Sabin
miles at milessabin.com
Sun Aug 24 14:39:05 UTC 2008
On Fri, Aug 22, 2008 at 7:39 PM, Laszlo BERES <beres.laszlo at sys-admin.hu> wrote:
> Miles Sabin wrote:
>> The RHEL signing keys have, however, been used by an unauthorized
>> party to sign unauthorized packages. Some people would say that that
>> qualified as "compromised" on any reasonable definition.
>
> Signing is a thing, distributing a signed package through the official ways
> is another. The latter didn't happen as we know.
We know nothing of the sort. In fact the RH announcement suggests
exactly the opposite ... why else distribute a script to check for
compromised RHEL packages?
Cheers,
Miles
--
Miles Sabin
tel: +44 (0)1273 720 779
mobile: +44 (0)7813 944 528
skype: milessabin
More information about the users
mailing list