Re: [Gnu-arch-users] Archive signing mini-howto

gnu-arch-users

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Gnu-arch-users] Archive signing mini-howto

From:	Cameron Patrick
Subject:	Re: [Gnu-arch-users] Archive signing mini-howto
Date:	Tue, 28 Sep 2004 13:05:42 +0800
User-agent:	Mutt/1.5.6+20040803i

[Oops, hit the wrong key.  Sorry James, meant to send this only to the list.]

On Tue, Sep 28, 2004 at 12:12:16AM -0400, James Blackwell wrote:

> I'm working on a minihowto dealing with signing archives. I'd like to
> include a safer script that the one I've been handing out; one that is
> smart enough to handle multiple archives: 
> 
> However, that would require a slight change to the signature code --
> namely, that =default.check be called with an argument, which would be the
> archive name.

I think that's a great idea.

At the moment my signature checking script only verifies that there is
a signature, not that it came from the right person, because I'm too
lazy to do anything better.  Anything that makes it possible for me to
be lazy /and/ secure is a good thing :-)

One thought:  maybe an environment better might be better (for
consistency with hook scripts)?

Cameron.

signature.asc
Description: Digital signature

[Prev in Thread]

Current Thread

[Next in Thread]

[Gnu-arch-users] Archive signing mini-howto, James Blackwell, 2004/09/28
- Re: [Gnu-arch-users] Archive signing mini-howto, Zenaan Harkness, 2004/09/28
- Re: [Gnu-arch-users] Archive signing mini-howto, Cameron Patrick <=
- [Gnu-arch-users] Re: Archive signing mini-howto, Daniel Schoemer, 2004/09/28

Prev by Date: Re: [Gnu-arch-users] Archive signing mini-howto
Next by Date: [Gnu-arch-users] [MERGE REQUEST] fix "update" when operating on non-default archives
Previous by thread: Re: [Gnu-arch-users] Archive signing mini-howto
Next by thread: [Gnu-arch-users] Re: Archive signing mini-howto
Index(es):
- Date
- Thread