[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Apt-Torrent project

Matthew Palmer <mpalmer@debian.org> writes:
> On Sat, Oct 30, 2004 at 12:00:16PM +0200, Marc 'HE' Brockschmidt wrote:
>> Matthew Palmer <mpalmer@debian.org> writes:
>> [...]
>> > If we can get individually-signed .debs, you won't even need to worry so
>> > much about getting the torrent files off a trusted mirror...
>> dpkg-sig exists. Use it :)
> Thanks for that, and I know all about it and sign all of my
> internally-generated .debs for work.  However, I don't bother doing it for
> my Debian-uploaded ones because (a) anything built by an autobuilder won't
> have any sigs in it,

This will (hopefully) change when enough people use dpkg-sig.

> (b) most other developers aren't signing

Well, everybody can use this as a reason, but it's no problem to call
dpkg-sig instead of debsign. [1]


[1]  And i would be very happy if the dpkg-buildpackage and debuild
     maintainers would add dpkg-sig support, at least as option.
$_=')(hBCdzVnS})3..0}_$;//::niam/s~=)]3[))_$(rellac(=_$({pam(esrever })e$.)4/3*
)e$(htgnel+23(rhc,"u"(kcapnu ,""nioj ;|_- |/+9-0z-aZ-A|rt~=e$;_$=e${pam tnirp{y
V2ajFGabus} yV2ajFGa&{gwmclBHIbus}gwmclBHI&{yVGa09mbbus}yVGa09mb&{hBCdzVnSbus';
s/\n//g;s/bus/\nbus/g;eval scalar reverse   # <mailto:marc@marcbrockschmidt.de>

Attachment: pgpLWuOGLy9r4.pgp
Description: PGP signature

Reply to: