[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: mono and snk key files

On 11/29/2009 11:29 AM, Christopher Brown wrote:
> 2009/11/29 Kalev Lember <kalev smartlink ee>:
>> Hello,
> <snip>
>> Comments?
> I'm the maintainer for log4net but unfortunately not for nant. I've
> finally gotten around to looking at this.
> Debian have a policy[1] of using a standard mono.snk which is provided
> by a package (I guess we just then BuildRequires this) and I think
> this seems like a good solution but have no experience of this.

We should definitely use Debian's key, right? Otherwise some Fedora CLI
libraries would be unnecessarily incompatible with Debian, and whoever
else uses Debian's key.

The whole business of not shipping code-signing keys is a little
contrary to open source. I think this is something that GPLv3 would
prohibit. We should use a single well-known signing key for any package
that we don't have the keys for, I think.


Attachment: signature.asc
Description: OpenPGP digital signature

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]