Re: Bug#540215: Introduce dh_checksums
On Wed, Mar 17, 2010 at 04:12:46PM -0700, Russ Allbery wrote:
> Wouter Verhelst <wouter@debian.org> writes:
>
> > This is not true.
>
> > wouter@merkel:/org/ftp.debian.org/queue/done$ ls *ges|wc -l
> > 28969
>
> > These are only the *active* changes files, though:
>
> > wouter@merkel:/org/ftp.debian.org/queue/done$ find . -name 'nbd*ges'|wc -l
> > 898
>
> > ... since no .changes file is ever thrown away:
>
> > wouter@merkel:/org/ftp.debian.org/queue/done$ du -sh .
> > 7.1G
>
> > They may not be visible on the mirrors, but they are there.
>
> Ah, thank you. I didn't realize that we kept them at all.
>
> Note, though, that if the concern is a cryptographically strong audit
> trail, we could still retain a link from the original *.changes file to
> the final package with a second (possibly signed) document archived with
> the *.changes file listing the original and final checksums of the
> now-signed packages.
True.
--
The biometric identification system at the gates of the CIA headquarters
works because there's a guard with a large gun making sure no one is
trying to fool the system.
http://www.schneier.com/blog/archives/2009/01/biometrics.html
Reply to: