[petsc-dev] I hate nagupgrade

Aron Ahmadia aron at ahmadia.net
Tue Nov 11 14:38:58 CST 2014


On Tue, Nov 11, 2014 at 11:36 PM, Matthew Knepley <knepley at gmail.com> wrote:

> I don't actually care whether we keep this check. However, I do think the
> arguments advanced so far do
> not amount to more than prejudice. I don't think a security argument holds
> water for a system that
> downloads tarballs from other sites without any kind of check.
>

Are you referring to PETSc?  All HashDist downloads are cryptographically
verified, which is one of the reasons we're trying to move away from this
sort of thing.

A
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.mcs.anl.gov/pipermail/petsc-dev/attachments/20141111/2f3366d1/attachment.html>


More information about the petsc-dev mailing list