Re: the rubygems trust problem, what's wrong with this: https://gist.github.com/4699579 /cc @bascule @drbrain
@judsonlester @drbrain it's a potential approach, however PGP WoT provides little actual "trust". See http://www.few.vu.nl/~mconti/teaching/ATCNS2010/ATCS/Sybil/Sybil.pdf …
-
-
-
@judsonlester@drbrain how much "direct physical knowledge of remote entities" would apply to RubyGems? -
-
@judsonlester@drbrain that's not a practical answer, however sadly many people seem to believe it is o_O -
-
@judsonlester@drbrain the combinatorial explosion of gem users:gem creators creates too many trust dependencies -
-
@judsonlester@drbrain how many degrees of separation do you allow, and what about gems outside your WoT? - 1 more reply
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.