GNU bug report logs - #33825
25.2; Failing to verify signature for ELPA debbugs package

Previous Next

Package: emacs;

Reported by: clemera <clemens.radermacher <at> posteo.de>

Date: Fri, 21 Dec 2018 16:22:01 UTC

Severity: normal

Tags: patch

Found in version 25.2

Done: Stefan Kangas <stefan <at> marxist.se>

Bug is archived. No further changes may be made.

Full log

Message #38 received at 33825 <at> debbugs.gnu.org (full text, mbox):

From: Stefan Kangas <stefan <at> marxist.se>
To: Eli Zaretskii <eliz <at> gnu.org>
Cc: Robert Pluim <rpluim <at> gmail.com>, 33825 <at> debbugs.gnu.org,
 Clemens Radermacher <clemens.radermacher <at> posteo.de>
Subject: Re: bug#33825: 25.2;
 , Failing to verify signature for ELPA debbugs package
Date: Mon, 16 Sep 2019 21:13:13 +0200

[Message part 1 (text/plain, inline)]

Eli Zaretskii <eliz <at> gnu.org> writes:

> > How about also adding a recommendation to use https, as far as
> > possible, for package archives?  I guess that could be added to both
> > the doc string of package-archives and possibly also the manual.  That
> > would help security and avoid issues such as these.
>
> I'd leave this out of the manual.  Doc string should be enough.

Thanks.  How about the attached patch?

Best regards,
Stefan Kangas

[0001-Recommend-https-for-package-archives.patch (text/x-patch, attachment)]

This bug report was last modified 5 years and 243 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.

GNU bug report logs - #33825 25.2; Failing to verify signature for ELPA debbugs package

GNU bug report logs - #33825
25.2; Failing to verify signature for ELPA debbugs package