Re: Bug#540215: Introduce dh_checksums

To: debian-devel@lists.debian.org
Subject: Re: Bug#540215: Introduce dh_checksums
From: Russ Allbery <rra@debian.org>
Date: Thu, 18 Mar 2010 16:52:07 -0700
Message-id: <[🔎] 871vfhchnc.fsf@windlord.stanford.edu>
In-reply-to: <[🔎] 1268956013.11872.58.camel@solid.paris.klabs.be> (Frank Lin PIAT's message of "Fri, 19 Mar 2010 00:46:53 +0100")
References: <[🔎] slrnhosifd.rmi.trash@kelgar.0x539.de> <[🔎] 1267650344.8266.262.camel@solid.paris.klabs.be> <[🔎] 87bpf3vrai.fsf@qurzaw.linpro.no> <[🔎] 1268066168.21347.9661.camel@solid.paris.klabs.be> <[🔎] 87wrxmbkdn.fsf@windlord.stanford.edu> <[🔎] 20100310143214.GE10578@celtic.nixsys.be> <[🔎] 20100311173710.GC25679@nn.nn> <[🔎] 87aaue898o.fsf@frosties.localdomain> <[🔎] 20100312221356.GJ3902@celtic.nixsys.be> <[🔎] 87eijj7523.fsf@frosties.localdomain> <[🔎] 20100317103100.GA18915@celtic.nixsys.be> <[🔎] 1268956013.11872.58.camel@solid.paris.klabs.be>

Frank Lin PIAT <fpiat@klabs.be> writes:

> I have no strong preferences between signed APT and SIGNED DEBs... it is
> just that the remaining of the thread showed that signed DEBs are quite
> tough to implement. (and I still wonder how we could preserve the
> current deb format with "tar.gz in ar", while signing the debs)

You add an additional ar member that contains the signed checksums of all
of the files in data.tar.gz, possibly another additional member that
contains the signed checksums for control.tar.gz, or you document some
convention so that you can combine both into the same signed checksum
document.

There are other implementation methods possible, but that's probably the
most obvious one.

-- 
Russ Allbery (rra@debian.org)               <http://www.eyrie.org/~eagle/>

Reply to:

Follow-Ups:
- Re: Bug#540215: Introduce dh_checksums
  - From: Wouter Verhelst <wouter@debian.org>
- Re: Bug#540215: Introduce dh_checksums
  - From: Harald Braumann <harry@unheit.net>

References:
- Re: md5sums files
  - From: Philipp Kern <trash@philkern.de>
- Re: md5sums files
  - From: Frank Lin PIAT <fpiat@klabs.be>
- Re: md5sums files
  - From: Tollef Fog Heen <tfheen@err.no>
- Bug#540215: Introduce dh_checksums
  - From: Frank Lin PIAT <fpiat@klabs.be>
- Re: Bug#540215: Introduce dh_checksums
  - From: Russ Allbery <rra@debian.org>
- Re: Bug#540215: Introduce dh_checksums
  - From: Wouter Verhelst <wouter@debian.org>
- Re: Bug#540215: Introduce dh_checksums
  - From: Harald Braumann <harry@unheit.net>
- Re: Bug#540215: Introduce dh_checksums
  - From: Goswin von Brederlow <goswin-v-b@web.de>
- Re: Bug#540215: Introduce dh_checksums
  - From: Wouter Verhelst <wouter@debian.org>
- Re: Bug#540215: Introduce dh_checksums
  - From: Goswin von Brederlow <goswin-v-b@web.de>
- Re: Bug#540215: Introduce dh_checksums
  - From: Wouter Verhelst <w@uter.be>
- Re: Bug#540215: Introduce dh_checksums
  - From: Frank Lin PIAT <fpiat@klabs.be>

Prev by Date: Re: Bug#540215: Introduce dh_checksums
Next by Date: Work-needing packages report for Mar 19, 2010
Previous by thread: Re: Bug#540215: Introduce dh_checksums
Next by thread: Re: Bug#540215: Introduce dh_checksums
Index(es):
- Date
- Thread