[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: mono and snk key files



On 11/29/2009 11:29 AM, Christopher Brown wrote:
> 2009/11/29 Kalev Lember <kalev smartlink ee>:
>> Hello,
> 
> <snip>
> 
>> Comments?
> 
> I'm the maintainer for log4net but unfortunately not for nant. I've
> finally gotten around to looking at this.
> 
> Debian have a policy[1] of using a standard mono.snk which is provided
> by a package (I guess we just then BuildRequires this) and I think
> this seems like a good solution but have no experience of this.
> 

We should definitely use Debian's key, right? Otherwise some Fedora CLI
libraries would be unnecessarily incompatible with Debian, and whoever
else uses Debian's key.

The whole business of not shipping code-signing keys is a little
contrary to open source. I think this is something that GPLv3 would
prohibit. We should use a single well-known signing key for any package
that we don't have the keys for, I think.



Adam

Attachment: signature.asc
Description: OpenPGP digital signature


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]