Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]


Groups > comp.mobile.android > #147061

Re: Why does open source software include a "signing key"?

From "R.Wieser" <address@is.invalid>
Newsgroups comp.mobile.android
Subject Re: Why does open source software include a "signing key"?
Date 2025-03-07 09:50 +0100
Organization A noiseless patient Spider
Message-ID <vqec1d$3f0vr$1@dont-email.me> (permalink)
References (5 earlier) <m2gg1cF8gagU1@mid.individual.net> <vpv68b$8tek$1@dont-email.me> <m2tbqeF6l2mU4@mid.individual.net> <vqc0us$2v1pf$1@dont-email.me> <m2vnfjFhmqeU1@mid.individual.net>

Show all headers | View raw


Arno,

> Not really. The signatures can not be verified since there is no CA for 
> it.

*Again*, that is where F-Droid comes in needing to check who created that 
self-signed cert, effectivily making F-Droid the CA - even though they do 
not(?) give out certs.

Kiddo, if F-Droid would not be able to say with a decent ammount of certanty 
that a certain app was made by a certain, specific person than they would 
get overrun with malversants.

Regards,
Rudy Wieser

Back to comp.mobile.android | Previous | NextPrevious in thread | Next in thread | Find similar | Unroll thread


Thread

Why does open source software include a "signing key"? Marion <marion@facts.com> - 2025-02-26 21:36 +0000
  Re: Why does open source software include a "signing key"? Marion <marion@facts.com> - 2025-02-26 21:44 +0000
    Re: Why does open source software include a "signing key"? Marion <marion@facts.com> - 2025-02-26 22:36 +0000
  Re: Why does open source software include a "signing key"? "R.Wieser" <address@is.invalid> - 2025-02-28 08:43 +0100
    Re: Why does open source software include a "signing key"? Marion <marion@facts.com> - 2025-02-28 19:30 +0000
      Re: Why does open source software include a "signing key"? Marion <marion@facts.com> - 2025-02-28 19:46 +0000
        Re: Why does open source software include a "signing key"? "R.Wieser" <address@is.invalid> - 2025-02-28 21:42 +0100
  Re: Why does open source software include a "signing key"? Arno Welzel <usenet@arnowelzel.de> - 2025-02-28 09:01 +0100
    Re: Why does open source software include a "signing key"? Marion <marion@facts.com> - 2025-02-28 19:19 +0000
      Re: Why does open source software include a "signing key"? Arno Welzel <usenet@arnowelzel.de> - 2025-03-01 10:00 +0100
        Re: Why does open source software include a "signing key"? Marion <marion@facts.com> - 2025-03-01 09:54 +0000
          Re: Why does open source software include a "signing key"? Marion <marion@facts.com> - 2025-03-01 10:12 +0000
            Re: Why does open source software include a "signing key"? Marion <marion@facts.com> - 2025-03-01 10:27 +0000
            Re: Why does open source software include a "signing key"? "R.Wieser" <address@is.invalid> - 2025-03-01 11:44 +0100
        Re: Why does open source software include a "signing key"? "R.Wieser" <address@is.invalid> - 2025-03-01 11:36 +0100
          Re: Why does open source software include a "signing key"? Arno Welzel <usenet@arnowelzel.de> - 2025-03-01 14:22 +0100
            Re: Why does open source software include a "signing key"? "R.Wieser" <address@is.invalid> - 2025-03-01 15:40 +0100
              Re: Why does open source software include a "signing key"? Arno Welzel <usenet@arnowelzel.de> - 2025-03-06 11:30 +0100
                Re: Why does open source software include a "signing key"? "R.Wieser" <address@is.invalid> - 2025-03-06 12:29 +0100
                Re: Why does open source software include a "signing key"? Arno Welzel <usenet@arnowelzel.de> - 2025-03-07 09:01 +0100
                Re: Why does open source software include a "signing key"? "R.Wieser" <address@is.invalid> - 2025-03-07 09:50 +0100
                Re: Why does open source software include a "signing key"? Arno Welzel <usenet@arnowelzel.de> - 2025-03-07 14:37 +0100
                Re: Why does open source software include a "signing key"? "R.Wieser" <address@is.invalid> - 2025-03-07 14:58 +0100

csiph-web