Re: Please sign software with GnuPG

From: Sven Neumann <sven gimp org>
To: Peter Wainwright <prw wainpr demon co uk>
Cc: Tor Lillqvist <tml iki fi>, Per Tunedal <pt radvis nu>, gtk-devel-list gnome org, cvsmaster gnome org
Subject: Re: Please sign software with GnuPG
Date: 03 Nov 2002 16:51:39 +0100

Hi,

Peter Wainwright <prw wainpr demon co uk> writes:

> That said, I don't know what the security issues are with CVS.

the most severe security issue with GNOME CVS is probably that it
still uses the pserver protocol that gives no reasonable
authentification at all although there are alternatives around for
years. GNOME CVS is the only CVS server I know of that still doesn't
use ssh key authentification to identify trusted users that are
allowed to commit. Is there a good reason for that?


Salut, Sven

Follow-Ups:
- Re: Please sign software with GnuPG
  - From: Jonathan Blandford

References:
- Re: Please sign software with GnuPG
  - From: Tor Lillqvist
- Re: Please sign software with GnuPG
  - From: Peter Wainwright

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]