Re: Deskbar Applet, NewStuffManager, 2.16, Installing New Plug-Ins, AutoUpdate, etc.

From: Steve Frécinaux <nudrema gmail com>
To: Nigel Tao <nigel tao gnome gmail com>
Cc: desktop-devel-list gnome org
Subject: Re: Deskbar Applet, NewStuffManager, 2.16, Installing New Plug-Ins, AutoUpdate, etc.
Date: Tue, 01 Aug 2006 04:02:28 +0200

Nigel Tao wrote:
>> > You mean running untrusted code from the Web?
>>
>> Nigel said it would be possible to secure it a bit using GPG keys.
>> Maybe this kind of signing should be made a requirement.
> 
> Well, should signing be necessary and/or sufficient, and who makes
> that decision?

I'm not really aware of the gpg stuff, but I've heard of debian
developpers signing packages this way, relying on the thrust level of
the key. Someone to confirm/say I'm a big liar ?

I don't know if it's really possible or secure, but what about rating
the thrustfulness of a plugin based on the amount of gnome people that
signed its key ? This is just an idea, maybe I'm on crack

Follow-Ups:
- Re: Deskbar Applet, NewStuffManager, 2.16, Installing New Plug-Ins, AutoUpdate, etc.
  - From: Corey Burger

References:
- Re: Deskbar Applet, NewStuffManager, 2.16, Installing New Plug-Ins, AutoUpdate, etc.
  - From: Nigel Tao

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]