Should Fedora rpms be signed?
Satish Balay
balay at fastmail.fm
Thu Nov 4 21:02:59 UTC 2004
On Thu, 4 Nov 2004, Peter Jones wrote:
> Signing something with the Red Hat key and signing something with the
> Rawhide key are currently _the same thing_, and no amount of telling
> people that it's not is going to change that.
(I didn't want to get sucked into this again - but couldn't
resist.. this tread never dies).
I hope you can give pointed answers to these 2 questions.
1. If 'Red Hat key' == 'Rawhide key' - why do you have both?
2. How does packages signed by 'at-rpms-key' fit in your grad model
where all keys are the same - and users don't know how to distinguish
them. Or should no one other than 'Redhat' be signing packages.
Thanks,
Satish
More information about the fedora-test-list
mailing list