1 |
On Sat, Jul 7, 2018 at 1:51 AM Martin Vaeth <martin@×××××.de> wrote: |
2 |
> |
3 |
> Davyd McColl <davydm@×××××.com> wrote: |
4 |
> |
5 |
> > I ask because prior to the GitHub incident, I didn't have signature |
6 |
> > verification enabled |
7 |
> |
8 |
> Currently, it is not practical to change this, see my other posting. |
9 |
> |
10 |
|
11 |
You clearly don't understand what it actually checks. It is |
12 |
completely practical to enable this today (though not as secure as it |
13 |
could be). I'll elaborate in a reply to the other email. |
14 |
|
15 |
-- |
16 |
Rich |