Time to resurrect multi-key signatures in RPM?
Bojan Smojver
bojan at rexursive.com
Tue Aug 26 02:49:38 UTC 2008
Bojan Smojver <bojan <at> rexursive.com> writes:
> Yeah, good point. We do have checksums of individual files inside the RPM,
> right? Maybe we can leverage that in order to provide a build system neutral
> checksum that can be verified independently?
Or maybe we could even rely on checksums of cpio archives produced by rpm2cpio?
--
Bojan
More information about the fedora-devel-list
mailing list