Re: PATCH: package verification in dpkg

To: Jason Gunthorpe <jgg@debian.org>
Cc: debian-dpkg@lists.debian.org
Subject: Re: PATCH: package verification in dpkg
From: John Goerzen <jgoerzen@progenylinux.com>
Date: 10 Mar 2001 10:56:19 -0500
Message-id: <[🔎] 87lmqdty70.fsf@complete.org>
In-reply-to: <[🔎] Pine.LNX.3.96.1010309171111.6640C-100000@wakko.deltatee.com>
References: <[🔎] Pine.LNX.3.96.1010309171111.6640C-100000@wakko.deltatee.com>

Jason Gunthorpe <jgg@debian.org> writes:

> On 9 Mar 2001, John Goerzen wrote:
> 
> > Below is a patch that will allow dpkg to do cryptographic verification
> > of gpg signatures attached to packages at install time.  It uses
> 
> Could it at least have an option to turn it off? APT users using the new
> secured release files are not going to want to burn the cycles to do this.

If debsig-verify is not installed, it never runs.

Incidentally, secured release files serve a different purpose and
there are many benefits to supporting both.

-- John

Reply to:

References:
- Re: PATCH: package verification in dpkg
  - From: Jason Gunthorpe <jgg@debian.org>

Prev by Date: Re: PATCH: package verification in dpkg
Next by Date: Re: dpkg segfaults
Previous by thread: Re: PATCH: package verification in dpkg
Next by thread: Creating Packages file
Index(es):
- Date
- Thread