Re: Revival of the signed debs discussion
* Goswin von Brederlow (brederlo@informatik.uni-tuebingen.de) [031204 15:10]:
> Andreas Barth <aba@not.so.argh.org> writes:
> > Ok?
> Sounds ok but the upload rules can be tightened much much later. First
> we have to get signing started, which means fixing apt-utils or
> debsigs or preferably both. And of cause change policy to
> allow/suggest it.
I want to know before going on a trip where this trip is suggested to
end. Of course, after knowing, we should really start with the first
steps. And these are, as you say:
- Fix apt-utils
- Sign md5sum-files instead of the concatenated binaries (to allow for
reomte signing)
- Change policy
And don't forget: Start to sign as soon as the toolchain is ready for
it.
Cheers,
Andi
--
http://home.arcor.de/andreas-barth/
PGP 1024/89FB5CE5 DC F1 85 6D A6 45 9C 0F 3B BE F1 D0 C5 D1 D9 0C
Reply to: