Secrecy and user trust
Les Mikesell
lesmikesell at gmail.com
Tue Sep 2 16:42:13 UTC 2008
Bill Crawford wrote:
> On 02/09/2008, Bill Davidsen <davidsen at tmr.com> wrote:
>
>> If there is a known date before which packages can be trusted, that
>> should be said. Users who lag the cutting edge will be reassured. People
>> won't have to be checking security logs for a decade if the problem is
>> more recent. People on distributions older than FC8 which are not
>> maintained should be told if the problem goes back that far.
>
> The infrastructure is up and running. We have been told that new
> updates will be made available as soon as they (and existing content)
> have been signed with a new key. They have announced that they do not
> believe there is any risk from existing content. What do you want to
> know?
When and how did the intrusion occur? How was it initially detected?
--
Les Mikesell
lesmikesell at gmail.com
More information about the fedora-list
mailing list