Frank Küster <frank@debian.org> writes: > If such a signature mechanism is implemented, dinstall could also append > a copy of the filelist, with updated md5sums. I'm not familiar with the > ar format, but can one restore the old md5sum when you unpack the deb, > remove the additional signature, and re-ar it? You can simply strip off the parts that change the md5sum, without the unpack/pack cycle. The problem is to know which parts need to be removed. Marc -- BOFH #335: the AA battery in the wallclock sends magnetic interference
Attachment:
pgpPImmTl4Mic.pgp
Description: PGP signature