| 1 |
On Sat, Jul 7, 2018 at 1:51 AM Martin Vaeth <martin@×××××.de> wrote: |
| 2 |
> |
| 3 |
> Davyd McColl <davydm@×××××.com> wrote: |
| 4 |
> |
| 5 |
> > I ask because prior to the GitHub incident, I didn't have signature |
| 6 |
> > verification enabled |
| 7 |
> |
| 8 |
> Currently, it is not practical to change this, see my other posting. |
| 9 |
> |
| 10 |
|
| 11 |
You clearly don't understand what it actually checks. It is |
| 12 |
completely practical to enable this today (though not as secure as it |
| 13 |
could be). I'll elaborate in a reply to the other email. |
| 14 |
|
| 15 |
-- |
| 16 |
Rich |
Archives