Re: [RFH] The need for signed packages and signed Releases (long, long)

To: Glenn McGrath <bug1@optushome.com.au>
Cc: debian-devel@lists.debian.org
Subject: Re: [RFH] The need for signed packages and signed Releases (long, long)
From: Javier Fernández-Sanguino Peña <jfs@computer.org>
Date: Tue, 12 Nov 2002 16:42:50 +0100
Message-id: <[🔎] 20021112154250.GA15391@dat.etsit.upm.es>
In-reply-to: <[🔎] 20021113020355.5e370f2f.bug1@optushome.com.au>
References: <[🔎] 20021112143711.GA6850@dat.etsit.upm.es> <[🔎] 20021113020355.5e370f2f.bug1@optushome.com.au>

On Wed, Nov 13, 2002 at 02:03:55AM +1100, Glenn McGrath wrote:
> On Tue, 12 Nov 2002 15:37:11 +0100
> Javier Fernández-Sanguino Peña <jfs@computer.org> wrote:
> 
> > - accept signatures in packages when uploading to the archive.
> 
> It would be convenient if the signature was a part of the package, so the
> package can be checked where ever it goes, it could be an extra file in
> the ar component of the deb.
> 
	AFAIK this is already possible (and debsig-verify uses it). The
problem is that we are not using it. I do not know the details, however.


	Javi

Reply to:

References:
- [RFH] The need for signed packages and signed Releases (long, long)
  - From: Javier Fernández-Sanguino Peña <jfs@computer.org>
- Re: [RFH] The need for signed packages and signed Releases (long, long)
  - From: Glenn McGrath <bug1@optushome.com.au>

Prev by Date: Re: Discussion - non-free software removal
Next by Date: Re: [RFH] The need for signed packages and signed Releases (long, long)
Previous by thread: Re: [RFH] The need for signed packages and signed Releases (long, long)
Next by thread: Re: [RFH] The need for signed packages and signed Releases (long, long)
Index(es):
- Date
- Thread