[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Gnu-arch-users] Archive signing mini-howto

From: Cameron Patrick
Subject: Re: [Gnu-arch-users] Archive signing mini-howto
Date: Tue, 28 Sep 2004 13:05:42 +0800
User-agent: Mutt/1.5.6+20040803i

[Oops, hit the wrong key.  Sorry James, meant to send this only to the list.]

On Tue, Sep 28, 2004 at 12:12:16AM -0400, James Blackwell wrote:

> I'm working on a minihowto dealing with signing archives. I'd like to
> include a safer script that the one I've been handing out; one that is
> smart enough to handle multiple archives: 
> However, that would require a slight change to the signature code --
> namely, that =default.check be called with an argument, which would be the
> archive name.

I think that's a great idea.

At the moment my signature checking script only verifies that there is
a signature, not that it came from the right person, because I'm too
lazy to do anything better.  Anything that makes it possible for me to
be lazy /and/ secure is a good thing :-)

One thought:  maybe an environment better might be better (for
consistency with hook scripts)?


Attachment: signature.asc
Description: Digital signature

reply via email to

[Prev in Thread] Current Thread [Next in Thread]