ports/63546: ports/security/libprelude - fetch PGP signature
Jason Harris
jharris at widomaker.com
Sun Feb 29 23:41:20 UTC 2004
On Sun, Feb 29, 2004 at 10:23:33PM +0100, Oliver Eikemeier wrote:
> Unfortunate, but I guess we can fix this. I hope I made my point without
> offending you, but blindly downloading and verifying a PGP signature is
> actually *less* secure than the md5 checksum in distinfo, and worse, it
> gives a false sense of security.
No offense taken - your presumptions about security plague many.
--
Jason Harris | NIC: JH329, PGP: This _is_ PGP-signed, isn't it?
jharris at widomaker.com _|_ web: http://keyserver.kjsl.com/~jharris/
Got photons? (TM), (C) 2004
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
URL: <http://lists.freebsd.org/pipermail/freebsd-ports-bugs/attachments/20040229/f31d0538/attachment.sig>
More information about the freebsd-ports-bugs
mailing list