Osamu Aoki wrote:
> On Thu, Dec 04, 2008 at 12:26:31PM +0000, Magnus Therning wrote:
>> At work I want to add signing to our automatic build system. In
>> theory it's a simple application of `gpg` at the end of building to
>> get a detached signature would do, but I'm weary of sticking the
>> secret key on the build servers. I'd feel a bit more safe if the
>> signing could be done on a separate server. However, the built files
>> are large and I don't want to introduce a bottle neck by transfering
>> all files back and forth over the network.
>
> Are you sigining each file or signing like what we do at Debian.
>
> If you install devscripts package, there is "debsign" to sign *.dsc
> properly while creating right *.changes
>
> Thisallow us to sign package build on remote machine safely.
I need to sign each file.
/M
--
Magnus Therning (OpenPGP: 0xAB4DFBA4)
magnus@therning.org Jabber: magnus@therning.org
http://therning.org/magnus
Haskell is an even 'redder' pill than Lisp or Scheme.
-- PaulPotts
Attachment:
signature.asc
Description: OpenPGP digital signature