Re: debsign process

To: Joey Hess <joey@kitenet.net>
Cc: Julian Gilbey <J.D.Gilbey@qmw.ac.uk>, <debian-devel@lists.debian.org>
Subject: Re: debsign process
From: Adam Heath <adam@lapdoog.doogie.brainfood.com>
Date: Fri, 1 Jun 2001 02:30:44 -0500 (CDT)
Message-id: <[🔎] Pine.LNX.4.33.0106010230140.1828-100000@localhost>
In-reply-to: <20010531232333.B12862@kitenet.net>

On Thu, 31 May 2001, Joey Hess wrote:

> It would be much nicer if bug #89094 could just be implemented. If gpg
> supported signing multiple files in one pass, one of the above could
> just use that support and we wouldn't have to worry about another
> security issue. (And for free we'd half the existing number of
> passphrase entries too..)

You can't sign both the .dsc and the .changes file in one pass.  You sign the
.dsc, then the .changes has to be updated with the correct md5sum, before it
is signed.

Reply to:

Follow-Ups:
- Re: debsign process
  - From: Joey Hess <joeyh@debian.org>

Prev by Date: Re: Intent to Rewrite: pwgen
Next by Date: Re: ITP: squeak-vm, squeak-image, squeak-sources -- A highly portable Smaltalk system
Previous by thread: Re: debsign process
Next by thread: Re: debsign process
Index(es):
- Date
- Thread