(non) automatic signing (was: Updates System)
Nicolas Mailhot
nicolas.mailhot at laposte.net
Wed May 16 19:15:14 UTC 2007
On Wednesday, 16 May 2007 at 20:52 +0200, Axel Thimm wrote:
> On Wed, May 16, 2007 at 07:08:09PM +0200, Nicolas Mailhot wrote:
> > On Wednesday, 16 May 2007 at 11:18 -0500, Josh Boyer wrote:
> > > On Wed, 2007-05-16 at 09:02 -0700, Chris Weyl wrote:
> > > >
> > > > * a "make push" command that could be run to push a package w/o any
> > > > manual intervention. For most packages, a "make tag build push" would
> > > > suffice, and the world wouldn't come to an end.
> > >
> > > That should never happen for updates. Packages are signed and you need
> > > a human to sign them. Automating the signing process is absurd because
> > > if that's done, there is no point in signing things anyway.
> >
> > Of course there is.
>
> > [...]
>
> I was just going to write what Nicolas did. In fact even to the
> letter. Maybe we are twin brothers after all and our parents lied to
> us ;)
Oh, no, I'm Axelefying! /me checks the water tap for radioactive
elements :)
> Anyway, to add something to the discussion: ATrpms has done automated
> signing since the beginning
And kernel.org autosigns too. Does anyone want to pretend that system has
not been audited to death?
--
Nicolas Mailhot