Re: Verification with checksum files

To: debian-cloud@lists.debian.org
Subject: Re: Verification with checksum files
From: Ross Vandegrift <rvandegrift@debian.org>
Date: Thu, 16 Sep 2021 07:53:50 -0700
Message-id: <[🔎] 20210916145350.2j5faw6ophdjscvy@vanvanmojo.kallisti.us>
In-reply-to: <[🔎] 123ACC33-5B32-42E8-98CE-1E15ED3DC4CC@syseleven.de>
References: <[🔎] 123ACC33-5B32-42E8-98CE-1E15ED3DC4CC@syseleven.de>

On Thu, Sep 16, 2021 at 02:13:01PM +0300, Renat Nurgaliyev wrote:
> are there any updates? Will it be possible to get signature files? Otherwise all bullseye cloud images don’t make
> so much sense, since it is impossible to verify if they are authentic or not.

Sorry we don't currently provide signatures.  There's a wishlist bug
with some discussion, see #932943.  As far as I know, no one is
working on this.

It's not ideal, but the checksums are available via https, so it's not
quite as bad as you say.  But if that's not sufficient, you can clone
https://salsa.debian.org/cloud-team/debian-cloud-images/ and run a local
build.

Ross

Reply to:

References:
- Re: Verification with checksum files
  - From: Renat Nurgaliyev <r.nurgaliyev@syseleven.de>

Prev by Date: Re: Verification with checksum files
Next by Date: Processing of python-boto3_1.18.46+dfsg-1_source.changes
Previous by thread: Re: Verification with checksum files
Next by thread: Processing of python-boto3_1.18.46+dfsg-1_source.changes
Index(es):
- Date
- Thread