Rawhide signatures
Rui Miguel Seabra
rms at 1407.org
Tue Jun 22 16:09:58 UTC 2004
On Tue, 2004-06-22 at 16:34 +0200, Nicolas Mailhot wrote:
> Le mar, 22/06/2004 à 10:19 -0400, Dan Williams a écrit :
> > AFAIK this is the case. Packages that are part of a "release", ie
> > Fedora Core x, or FCx Test x, are signed. Between releases, if a
> > package gets revved over the signed version, it is unsigned until the
> > next release.
>
> Yep, that is why I wrote a rawhide key would be great.
> I don't mind (well, I do but I'm ready to pay this price) if my data is
> eaten by a buggy rawhide package. But I'd really love to be sure I only
> install Quality Rawhide Bugware and not malware someone injected in a
> compromised mirror.
There is rawhide key. However, it is not used properly :|
The point here is more to be sure that we have the packages the
developers intended us to have than of giving any warranty in as so far
as integrity against trojans !
Rui
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://listman.redhat.com/archives/fedora-devel-list/attachments/20040622/97e2aa39/attachment.sig>
More information about the fedora-devel-list
mailing list