Linux live CD with Pidgin?

Ethan Blanton elb at pidgin.im
Mon Feb 16 20:06:18 EST 2009


Richard Laager spake unto us the following wisdom:
> For the developers: I'd like to make the "download" link at pidgin.im go
> to the PPA for people with Ubuntu in their user-agent string. How do you
> feel about this, as opposed to serving them a tarball?

Sounds good to me, modulo comments below.

> * From a security standpoint, the GPG signature on the package list file
> is issued by the build servers, not (for example) me.

This is dumb.  Why does Launchpad continue to make decisions like
this, that suck?  (That's rhetorical.)  It's like they don't know
anything about security or crypto at all.  Can the packages at least
have *multiple* signatures, so we can get your signature plus their
signature on it?  (I'm not familiar enough with .deb signing to know
if this is even possible in the package format.)

Ethan

-- 
The laws that forbid the carrying of arms are laws [that have no remedy
for evils].  They disarm only those who are neither inclined nor
determined to commit crimes.
		-- Cesare Beccaria, "On Crimes and Punishments", 1764
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://pidgin.im/pipermail/support/attachments/20090216/4fec9aa3/attachment.pgp 


More information about the Support mailing list