[prev in list] [next in list] [prev in thread] [next in thread]
List: quanta
Subject: Re: [Quanta] New resource posted
From: Andras Mantia <amantia () kde ! org>
Date: 2007-03-29 18:05:34
Message-ID: 200703292105.35391.amantia () kde ! org
[Download RAW message or body]
[Attachment #2 (multipart/signed)]
On Thursday 29 March 2007, Paul Lemmons wrote:
> Ok, cool... I am getting closer... Now I get "Problematic Resource
> FIle - No keys were found" with a request, should I continue or not.
> Is this expected?
It is up to you. The idea is that the resources can be signed with a PGP
key, so you can be sure who uploaded it. This is important for scripts
and toolbars, where you can actually execute code. Some resources were
not signed (the person who created either doesn't have a PGP key or
didn't want to sign it). Quanta will warn you if it was not signed at
all or the signature is not a trusted one (by you), and you can choose
how to go on.
Accepting everything without thinking is similar to downloading
something from the web and running on your computer without verifying.
Luckily its all open source so you have a chance to verify the exact
content of the package by getting it from the resource page
(http://quanta.kdewebdev.org/resources.php). Or you can trust us that
we didn't put mailicious code to the server, but as much as we try to
verify the codes, we cannot legally guarantee 100% security for code
not created by us (and even what we created comes without warranty
according to the GPL licence).
Andras
--
Quanta Plus developer - http://quanta.kdewebdev.org
K Desktop Environment - http://www.kde.org
["signature.asc" (application/pgp-signature)]
_______________________________________________
Quanta mailing list
Quanta@mail.kde.org
https://mail.kde.org/mailman/listinfo/quanta
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic