incubator-general mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Niclas Hedhman" <>
Subject Re: status of PGP support in Maven
Date Wed, 24 Sep 2008 05:36:17 GMT
On Wed, Sep 24, 2008 at 1:20 PM, Henning Schmiedehausen
I enjoy your scenarios...

> And again, there is no "high nineties" security. Your solution is either
> secure or it is not.

For accuracy; This is not true either. AFAIK, no security solution is
totally secure. You will be left with a number game.

But I agree that this is a complex and non-trivial problem. Right now, we
just say; "No Security, check manually." and to users who don't (like
myself) we just ask them to blame themselves for being sloppy. Fair Enough.
BUT, somehow I feel that a bit of "help" could be in order, and I think that
if it is not portrayed as a "secure" and that the manual check should still
be done by the security conscious, then why not try to provide that? How can
a step in the right direction be bad?


  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message