Time to resurrect multi-key signatures in RPM?

Bojan Smojver bojan at rexursive.com
Tue Aug 26 02:39:47 UTC 2008


Andrew Bartlett <abartlet <at> samba.org> writes:

> I think the checksums would be the hardest part.   Build times, hosts
> and other details are very often embedded into a build. 

Yeah, good point. We do have checksums of individual files inside the RPM,
right? Maybe we can leverage that in order to provide a build system neutral
checksum that can be verified independently?

--
Bojan




More information about the fedora-devel-list mailing list