incubator-general mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Niclas Hedhman" <nic...@hedhman.org>
Subject Re: status of PGP support in Maven
Date Wed, 24 Sep 2008 05:36:17 GMT
On Wed, Sep 24, 2008 at 1:20 PM, Henning Schmiedehausen
<henning@apache.org>wrote:
I enjoy your scenarios...


> And again, there is no "high nineties" security. Your solution is either
> secure or it is not.


For accuracy; This is not true either. AFAIK, no security solution is
totally secure. You will be left with a number game.


But I agree that this is a complex and non-trivial problem. Right now, we
just say; "No Security, check manually." and to users who don't (like
myself) we just ask them to blame themselves for being sloppy. Fair Enough.
BUT, somehow I feel that a bit of "help" could be in order, and I think that
if it is not portrayed as a "secure" and that the manual check should still
be done by the security conscious, then why not try to provide that? How can
a step in the right direction be bad?


Cheers
Niclas

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message