Re: Package/Mirror integrity?

[Gerhard Kroder <gerhard.kroder@symbiose.com>]

>[mail to list should be sufficient, so i removed cc's]

Christian Hammers wrote:

> On Mon, May 07, 2001 at 11:39:06AM +0200, Gerhard Kroder wrote:
> > Current  "testing" contains a "debsig-verify" package. Is this different to
> > what you called "debsign"?

> debsign signs a package .dsc and .changes file to get it validatet by the
> UploadQueue.

i.e. upload server only accept packages from approved Debian developers?

> debsig-verify should in the future allow to verify a signature that the
> maintainer (or a build-daemon for e.g. sparc/alpha) has applied to the
> .deb itself thus giving the end-user the possibility to check binary
> packages, too.

aha.

tnx
  Gerhard

ps: Gruesse nach  Aachen .-))