Time to resurrect multi-key signatures in RPM?

Bojan Smojver bojan at rexursive.com
Wed Aug 27 21:37:56 UTC 2008


Jeff Spaleta <jspaleta <at> gmail.com> writes:

> How about you back up and just work on this very specific problem of
> deterministically doing build comparisons across disparate build
> systems ..before we even begin to discuss how a multiple sigantory
> process which relies on that.

We didn't even find out how many packages differ in significant ways by doing
raw checksums. But look, I already said that my proposal is withdrawn until we
invent a way of doing this correctly.

> They would have to choose to run koji, instead of their own setups.

If you re-read the thread, you'll notice that I said that we'd also build stuff
for them (i.e. we'd also run their setups). You know, this thing called
cooperation. It would not be just one way.

--
Bojan






More information about the fedora-devel-list mailing list