Should Fedora rpms be signed?
Nils Philippsen
nphilipp at redhat.com
Thu Nov 4 16:24:36 UTC 2004
On Thu, 2004-11-04 at 07:30 -0500, Alan Cox wrote:
> On Thu, Nov 04, 2004 at 11:33:00AM +0100, Nils Philippsen wrote:
> > Just to overstretch analogies a bit, the "signature" of Fisher-Price on
> > a kid's toy isn't different from the "signature" of Heckler&Koch on a
> > submachine gun either. Despite that they convey very different messages
> > ("when you push the button, the doll cries" vs. "... a whole family
> > cries").
> >
> > Let's face it, currently a signed package only means "someone/-thing has
> > signed off on it" on a technical level, anything else is just what we
>
> At the technical level but not at the actual human level. At that point
> brand comes into it.
I don't argue that, but at the human level the Rawhide "brand" tells me
something very different than the Fedora or RHEL final "brand".
Nils
--
Nils Philippsen / Red Hat / nphilipp at redhat.com
"They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety." -- B. Franklin, 1759
PGP fingerprint: C4A8 9474 5C4C ADE3 2B8F 656D 47D8 9B65 6951 3011
More information about the fedora-test-list
mailing list