Re: Deskbar Applet, NewStuffManager, 2.16, Installing New Plug-Ins, AutoUpdate, etc.

Nigel Tao wrote:
>> > You mean running untrusted code from the Web?
>> Nigel said it would be possible to secure it a bit using GPG keys.
>> Maybe this kind of signing should be made a requirement.
> Well, should signing be necessary and/or sufficient, and who makes
> that decision?

I'm not really aware of the gpg stuff, but I've heard of debian
developpers signing packages this way, relying on the thrust level of
the key. Someone to confirm/say I'm a big liar ?

I don't know if it's really possible or secure, but what about rating
the thrustfulness of a plugin based on the amount of gnome people that
signed its key ? This is just an idea, maybe I'm on crack

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]