gnu-arch-users

Re: [Gnu-arch-users] tla--devo--1.2 has preliminary gpg stuff


From: Tom Lord
Subject: Re: [Gnu-arch-users] tla--devo--1.2 has preliminary gpg stuff
Date: Fri, 26 Dec 2003 12:01:01 -0800 (PST)

    > From: Johannes Berg <address@hidden>

    >> I don't see that as a bug. Checksum files are worthless if they're not
    >> signed. After all, if the patches have been modified by a nefarious
    >> person, then the checksum file could be modified to match.

    > Yes, but checksum files are always present, even in an unsigned
    > archive.  But then again, you wouldn't run the check on that
    > archive. Never mind, for some reason I was thinking you'd do
    > that.

I suppose that if you're checking against an externally vetted list of
checksums you don't, strictly speaking, need to check the ones in the
archive (though it is probably convenient to have them there).

But if you're checking for media or xmission failures, then you do
want to check the ones in the archive, even if they are unsigned.

-t
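
The two cases discussed in this message, as an added example that is not part of the original message and is not tla's code: it assumes SHA-256 and a simple name-to-digest checksum listing (not tla's checksum file format), uses constructed file contents, and lets an externally vetted list stand in for any checksum source that someone modifying the archive cannot rewrite.

```python
import hashlib

def digest(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def make_checksums(files: dict) -> dict:
    """Build a checksum listing (file name -> hex digest) for one revision."""
    return {name: digest(blob) for name, blob in files.items()}

def verify(files: dict, checksums: dict) -> list:
    """Return the sorted names that fail: content mismatch, or listed but absent."""
    bad = [n for n, blob in files.items() if checksums.get(n) != digest(blob)]
    missing = [n for n in checksums if n not in files]
    return sorted(bad + missing)

# Constructed sample revision (hypothetical names and contents).
ORIGINAL = {
    "patch-1.tar.gz": b"constructed patch contents\n",
    "log": b"Summary: constructed log\n",
}
# Checksums obtained outside the archive (the "externally vetted list").
VETTED = make_checksums(ORIGINAL)

def scenario_transmission_error():
    """One bit flips in transit; the in-archive checksum file arrives intact."""
    files = dict(ORIGINAL)
    in_archive = make_checksums(ORIGINAL)
    blob = bytearray(files["patch-1.tar.gz"])
    blob[3] ^= 0x01
    files["patch-1.tar.gz"] = bytes(blob)
    return verify(files, in_archive), verify(files, VETTED)

def scenario_modified_archive():
    """A patch is changed and the unsigned checksum file is rewritten to match."""
    files = dict(ORIGINAL)
    files["patch-1.tar.gz"] = b"modified patch contents\n"
    in_archive = make_checksums(files)
    return verify(files, in_archive), verify(files, VETTED)

if __name__ == "__main__":
    for name, fn in [("transmission error", scenario_transmission_error),
                     ("modified archive", scenario_modified_archive)]:
        against_archive, against_vetted = fn()
        print(f"{name}: in-archive check flags {against_archive}, "
              f"vetted check flags {against_vetted}")
```
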




