|
|
|
|
|
|
by ris
1573 days ago
|
|
|
What Google does with their keys is known only to Google. Google also have various commercial pressures which can compromise their behaviour (on that note, have we even managed to stop Certificate Authorities selling carte-blanche certificates to middleware-box vendors yet?) A team-maintained package repository on the other hand operates through transparency. |
|
|