Latest update - 2018.05.26 - missing key on CentOS

Christoph Erhardt christoph.erhardt at sicherha.de
Fri Jun 15 08:30:34 CEST 2018


Hi Enrico,

I think you may be mistaking me for a staff member of Kolab Systems; I'm just 
a regular member of the project's open-source community like you are. ;-)

I agree with what you wrote, but I cannot do anything about it (other than 
help out in the areas where my progress is not dependent on somebody at Kolab 
Systems flicking a switch).

Regarding the workaround for the signing-key issue: fortunately, it's not as 
problematic as you think. If you change the repository link to https://, your 
package manager validates the server's host certificate and downloads all 
packages over an encrypted connection - which should provide roughly the same 
level of integrity guarantees. Still, I agree that this issue should be fixed 
rather today than tomorrow.

Best regards,
Christoph

On Thursday, 14 June 2018 13:46:28 CEST Enrico Tagliavini wrote:
> Hello Christoph,
> 
>      if I may throw in a suggestion, without sounding like a troll or
> an hater, but rather trying to be constructive: maybe this is a good
> time to review the internal priorities. I understand there is one
> person only maintaining the infrastructure and I fully understand he
> can be busy. Blocking updates of all users for multiple weeks should
> be a very high priority task, I know there is a workaround but it
> involved disabling the only check guaranteeing the source of the
> package. Possibly this person needs some help if he cannot flush his
> queue enough to reach the point where he can take care of this task.
> 
> Again: this is just not to flame or troll, I support Kolab, and I
> appreciate the work from everybody working on it and I want it to be
> as successful as possible, that's also why I want such issue not to
> happen or to be addressed timely.
> 
> Thank you.
> Kind regards.
> 
> Enrico
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.kolab.org/pipermail/users/attachments/20180615/496ccfcf/attachment.sig>


More information about the users mailing list