Why different keys for -testing and non-testing?
Jesse Keating
jkeating at redhat.com
Sat Jan 17 03:45:19 UTC 2009
On Fri, 2009-01-16 at 22:23 -0500, Casey Dahlin wrote:
> I think its wrong to get the latter out of the keys (though the right
> way might mean touching rpm in a way we aren't allowed/able to). Once we
> have "This package came from Fedora" then for the rest of the info, we
> can just state it in a package header. If the headers are signed then we
> have the necessary level of security. We only need one key to provide
> the non-refutability. The rest of the information can just be stated.
I'd rather state that in the repodata, rather than the rpm itself.
Stating it in the rpm would mean changing the rpm file between -testing
and updates, which would break the ability to hardlink, and would mean
unnecessary churn.
--
Jesse Keating
Fedora -- Freedom² is a feature!
identi.ca: http://identi.ca/jkeating
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: This is a digitally signed message part
URL: <http://listman.redhat.com/archives/fedora-devel-list/attachments/20090116/c528e664/attachment.sig>
More information about the fedora-devel-list
mailing list