[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bug#540215: Introduce dh_checksums

On Wed, Mar 10, 2010 at 03:32:14PM +0100, Wouter Verhelst wrote:
> Having package.checksums be GPG-signed will take a significant change in
> our infrastructure (buildd hosts, for instance, would need to have a way
> to sign checksums files as well), so it's not going to happen
> tomorrow.

I was wondering about that. Unfortunately I'm quite ignorant of the
details of the whole upload and build process. 
- Are all packages that end up in the archive built by the autobuilders, or can maintainers
upload binary packages directly? 
- How are the Release files signed? Is it done automatically or
manually? By whom? 


Reply to: