(fwd from firstname.lastname@example.org) Suggestion: describe (or link
to) how to verify your distributions
rsharpe at ns.aus.com
Fri Nov 22 22:11:37 GMT 2002
On Fri, 22 Nov 2002, David W. Chapman Jr. wrote:
> On Fri, Nov 22, 2002 at 01:08:39PM -0800, Martin Pool wrote:
> > Yeah, sure, but:
> > What does this all mean? Why should I care?
> > Where do I get GPG?
> > Where do I get the samba codesigning key? How do I import it? How
> > do I know I got the right one?
> > What do I do if it doesn't verify?
> I always wondered if someone uploaded a tarball with a trojan, what's
> preventing them from updating the .asc file as well?
Hackers don't have the intelligence to think of that :-) (tongue firmly in
Richard Sharpe, rsharpe[at]ns.aus.com, rsharpe[at]samba.org,
More information about the samba-technical