Should Fedora rpms be signed?
Mail Lists
lists at sapience.com
Tue Nov 2 03:29:38 UTC 2004
To sign or not to sign - that is the quesion - or not.
Whether it is nobler ... oh never mind ...
Guys, shee enuff already. What is the big deal here.
Its completely obvious that some way of reducing spoofed
mirrors is a good thing - signing (even) rawhide is a
good thing - sure its not perfect but it helps.
Use a different key than is used for released versions if
its your pleasure. Change the key every month or every
new develop cycle - whatever makes you happy.
Noone is putting any more significance beyond a little
added safety check that lessens the chance of bad things -
seems enormously rational.
g/
On Mon, Nov 01, 2004 at 06:11:26PM -0500, Peter Jones wrote:
> On Mon, 2004-11-01 at 14:51 -0600, Satish Balay wrote:
>
More information about the fedora-test-list
mailing list