[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: debsums for maintainer scripts (was: Re: Revival of the signed debs discussion)

christophe barbe <christophe@cattlegrid.net> writes:

> On Mon, Dec 01, 2003 at 09:11:52PM +0100, Andreas Barth wrote:
> > > Before mass bug-filling, it would be necessary to make it mandatory
> > > which unfortunately is not the case right now afaik. 
> > 
> > Severity: wishlist
> > Where is the problem?
> Waste of time ?
> If it's not mandatory, a full coverage will never happen and without
> full coverage, most avantages of md5sum are lost.
> In my opinion it's not difficult to add it to packages without it.
> As soon as it's mandatory, NMU in delayed queue will be justified and I
> am sure it would not be long to get full coverage.
> Of course that post-sarge.
> I don't see why adding a md5dsum_are_mandatory clause to the debian
> policy would be difficult (what would be a good reason to not add md5sum
> to a package?). 
> Christophe

Because they waste space and give 0 security. See other mail.


Reply to: