[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[no subject]

They need to redirect all key servers, they even need to redirect to a
faked, edited mailing list archive without to much delay.

With this mail to the list, I could post a good public key, somebody
else could provide a good public key to validate other public keys in a
different way somewhere else. The government needs to get control about
the whole Internet. This is impossible!

No government has absolutely control over the Internet!
OTOH while you most likely could find a way to validate ownership of
public keys, there's most likely no a way to trust everything provided
by Ubuntu, even if you should trust the Canonical owner and all package
maintainers. They can't verify the complete source code they use to
provide their packages.

In the end you need to trust the community, other humans, yourself.