On Tue, Feb 12, 2013 at 11:02:16PM +0100, Carlos E. R. wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Content-ID:
On Tuesday, 2013-02-12 at 22:22 +0100, Marcus Meissner wrote:
On Tue, Feb 12, 2013 at 12:07:12PM -0900, johnm wrote:
Just noticed, security announce mailing list messages are no longer PGP signed? Whats up?
The security update notices we push have never been signed since we started them.
Not true. Look at this one:
+++······························· Date: Thu, 6 Jun 2002 04:46:55 +0200 (MEST) From: Roman Drahtmueller <....@suse.de> To: suse-security-announce@suse.com Subject: [suse-security-announce] SuSE Security Announcement: bind9/bind9-beta (SuSE-SA:2002:021)
- ----------- GPG signed message, verified on 2013-02-12 22:34:15 ------------ ·······························++-
I just looked at the first update email I found in my archive, I can find out when they stopped using GPG.
Begin of 2012 we started to publish fully automated advisories and stopped doing old style advisories. As they are automated it is hard to sign them. We can add it, but I think no one ever checked their signatures anyway. Ciao, Marcus -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org