[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: md5sums files

Harald Braumann <harry@unheit.net> writes:

> Completely agreed. Also, because playing around is always more fun than
> just talking, I've attached a script that signs/verifies binary
> packages. Dpkg doesn't seem to mind the extra files.

> This script signs each file in the package individually, but it could
> also concatenate them all alphabetically and create just one signature.

See debsigs.

There have been previous discussions on debian-devel about this.  I
believe DAK does not allow packages signed using debsigs to be uploaded.
I'm not sure if that's out of objection to the entire concept, or whether
there are just technical issues that need to be resolved first.  (I
probably would know if I had a better memory for the previous discussion,
but unfortunately I appear to have recycled those brain cells.)

Russ Allbery (rra@debian.org)               <http://www.eyrie.org/~eagle/>

Reply to: