On Fri, April 29, 2005 2:54 pm, Tom Lord said:
> The process should not rely on the security of every developer's
> machine. The process should not rely on simply trusting quality
> contributors by reputation (e.g., most cons begin by establishing
> trust and continue by relying inappropriately on
> trust-without-verification). This relates to why Linus'
> self-advertised process should be raising yellow and red cards all
> over the place: either he is wasting a huge amount of his own time and
> should be largely replaced by an automated patch queue manager, or he
> is being trusted to do more than is humanly possible.

Ahh, you don't believe in the development model that has produced Linux!
Personally I do believe in it, so much so that I question the value of
signatures at the changeset level. To me it doesn't matter where the code
came from just so long as it works.