remote-help-assistant team mailing list archive

Thread
Date

Re: GPG verify fails

To: Andrew Sayers <andrew-bugs.launchpad.net@xxxxxxxxxxxxxxx>
From: Sebastian Spiess <sebastian.spiess@xxxxxxxxx>
Date: Thu, 09 Oct 2008 20:37:12 +1100
Cc: remote-help-assistant@xxxxxxxxxxxxxxxxxxx
In-reply-to: <48EDCABC.3040202@pileofstuff.org>
User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-GB; rv:1.8) Gecko/20051201 Thunderbird/1.5 Mnenhy/0.7.3.0

Andrew Sayers wrote:

Could you try to verify the package again?  I've now uploaded my
signature to Ubuntu's key server, so gpg should be able to verify it.


If I only do the check again and nothing else it gives still the same result

My concern with putting the assistant in a PPA is that it currently has
no way of signing packages, so anyone could upload a dodgy version of
the assistant if they were a bit clever.  Ordinarily I wouldn't mind,
but I'd rather play it safe with the assistant, given how
security-sensitive it is.


I understand your arguments and agree. Besides I only mentioned it but have no clue about the details of PPA

	- Andrew

Follow ups

Re: GPG verify fails
From: Andrew Sayers, 2008-10-09

References

GPG verify fails
From: Sebastian Spiess, 2008-10-09
Re: GPG verify fails
From: Andrew Sayers, 2008-10-09