Re: Proposed spec for external packages
Jeremiah Foster <jeremiah.foster@...>
On Tue, Aug 4, 2015 at 8:09 PM, Kate Stewart <kstewart@...> wrote:
How do you propose it be trusted? It is just a string! You need substantially more infrastructure than just a SPDX tag to generate trust.