mock: enable gpgcheck for f8 config file
seth vidal
skvidal at fedoraproject.org
Thu Jan 3 22:22:27 UTC 2008
On Thu, 2008-01-03 at 23:18 +0100, Till Maas wrote:
> On Do Januar 3 2008, seth vidal wrote:
>
> > it uses urlgrabber which uses urllib[2] underneath. ssl connections
> > specific ca to focus on.
> >
> > but what does this have to do with gpg certs? gpg certs aren't ssl
> > certs.
>
> When yum (rpm?) verifies ssl certificates for https urls to acquire gpgkeys,
> it is possible to use these urls in the mock config, without losing (much)
> security.
too many options here:
1. rpm has nothing to do, in yum, with downloading gpg keys or packages.
2. you want to use an ssl cert to verify the location we're retrieving
the gpg keys from? And you want to use a special CA to guarantee we have
the right one?
3. What's the LOSS of security you're worried with?
-sv
More information about the Fedora-buildsys-list
mailing list