FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Gentoo > Gentoo Development

 
 
LinkBack Thread Tools
 
Old 10-07-2010, 08:06 PM
"Robin H. Johnson"
 
Default Per-file Manifest GPG signatures

On Thu, Oct 07, 2010 at 10:17:01AM -0400, James Cloos wrote:
> >>>>> "RHJ" == Robin H Johnson <robbat2@gentoo.org> writes:
> >> Include the signing keyid in the filename to support both allowing
> >> multiple devs to sign a file and an easy indication of who signed it.
> RHJ> You can extract keyid from any signature trivially.
> But if it is not in the filename you cannot have multiple sig files.
This does still bloat the inode count. The variant was to have multiple
signed blocks inside the Manifest file.

> >> Don't stop everything just because /one/ package has a problem.
> RHJ> This is already controllable.
> If you mean --keep-going, that may work sometimes, but never did when I
> really needed it.
"FEATURES=-severe" iirc, but I do agree that more control over signature
validation in FEATURES would be beneficial.

--
Robin Hugh Johnson
Gentoo Linux: Developer, Trustee & Infrastructure Lead
E-Mail : robbat2@gentoo.org
GnuPG FP : 11AC BA4F 4778 E3F6 E4ED F38E B27B 944E 3488 4E85
 

Thread Tools




All times are GMT. The time now is 07:00 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org