on Fri, Nov 21, 2003 at 10:48:37AM -0500, Andrew Schulman ([EMAIL PROTECTED]) wrote: > >http://cert.uni-stuttgart.de/files/fw/debian-security-20031121.txt > > > > > >------------------------------------------------------------------------ > >[Note: The original announcement didn't have a GnuPG signature.] > > Why did the original announcement not have a GnuPG signature? Is no one > else bothered by this? Why has there been no announcement on debian.org?
It was supersceded by a repost with a GPG signature. Which I validated before submitting the item to Slashdot. www.debian.org wasn't updated for a time after the compromise because it was among the affected servers. There's been a bit of talk about a disaster recovery plan, including fallback communications channels. Things were rather ad hoc this time around. Peace. -- Karsten M. Self <[EMAIL PROTECTED]> http://kmself.home.netcom.com/ What Part of "Gestalt" don't you understand? "Just another million years," said Marvin, "just another quick million. Then I might try it backwards. Just for the variety, you understand." -- HHGTG
pgp00000.pgp
Description: PGP signature
