On 25 Feb 2015, at 18:56, Daniel Tryba d.tryba@pocos.nl wrote:
On Wednesday 25 February 2015 18:14:06 Olle E. Johansson wrote:
Thank you for the feedback!
BTW the Yes to is this a good thing ment: this is a really good idea to have in writing. But you still have to rely on the bugfinders to realize the impact/need to secrecy.
+1000 - this was discussed during the dev meeting.
But I fail to see how a pgp key for security is really important. Is there a PKI for kamailio releases? http://www.kamailio.org/pub/kamailio/latest/src/ contains the latest version, but there is no way to verify if this is really the latest release. No ssl, no dnssec, no signed checksums. These should be considered also.
I would love seeing signatures
This needs some release management, this needs to be discussed with Daniel(- Constantin) as manager of the project and with the builders of packages.
Agree fully. It's currently out of scope for this document.
/O