< slangasek> asac: ah. well, I would argue that relying on LP SSL to verify .dsc files is the wrong trust model
I think this has a point. And while using ca-certificates in recommends is probably helpful, couldnt me also make dget just print a warning and ignore certificates? Note that .dsc files are verified by gpg anyway.
< slangasek> asac: ah. well, I would argue that relying on LP SSL to verify .dsc files is the wrong trust
model
I think this has a point. And while using ca-certificates in recommends is probably helpful, couldnt me also make dget just print a warning and ignore certificates? Note that .dsc files are verified by gpg anyway.