[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Packages for adoption

Hi Rhonda,

Gerfried Fuchs wrote:
> * martin f krafft <madduck@debian.org> [2008-05-01 22:23:34 CEST]:
>> also sprach Gerfried Fuchs <rhonda@deb.at> [2008.05.01.1845 +0100]:
>>>  The thing is, they *have to* check it by hand because it can't be
>>>  checked with etch tools. Or think they are in a false safety.
>> Why not? Maybe I am doing something magic I forgot, but my .dsc
>> files have the "Files" section, which the etch tools use.
>  Yes. But the etch tools don't check anything else.

I still don't get your point then. Apparently you insist in
Checksums-Sha1 and Checksums-Sha256 headers being absent. So, the users
using plain etch-built packages (without these headers) would have even
worse possibilities to verify the affected files than with these headers
being present. This sounds to be an even worse disservice than having
the additional headers without a tool verifying them automatically.

Or did I get something wrong?


Attachment: signature.asc
Description: OpenPGP digital signature

Reply to: