Tails

#1 Updated by intrigeri 2018-08-18 09:55:54

• Status changed from Confirmed to Rejected
• Assignee deleted (intrigeri)

intrigeri wrote:
> Issues like Bug #10757 are painful, and it would be nice if we could solve them even for already released Tails.

This is still true. I think that’s the only remaining strong reason to consider this change because:

> This would also be useful if we have to transition X.509 certificates or OpenPGP keys without having coordinated it properly in advance.

X.509 certs for TLS are not an issue anymore, thanks to Let’s Encrypt. And for OpenPGP keys we’re doing pretty good nowadays.

> Besides, recent experience proves that the general level of understanding of “we can’t fix the Upgrader in past Tails releases” is pretty low within our team, which leads to all kinds of mistakes, and it’s maybe easier to eliminate the problem altogether, than to train relevant people to understand the current limitations.

This is still true but I now think that with this proposed change, we’ll replace that problem with a new one i.e. “a new version of Tails Upgrader must work in old Tails releases as well”, which I bet will be just as hard for our team to grasp (none of our other software has this requirement) and will make it harder to handle big changes, which IMO has more chances to introduce issues than the proposed change has chances to workaround others.