[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Plash] Packaging system (was: Plash Wiki)

From: Thomas Leonard
Subject: Re: [Plash] Packaging system (was: Plash Wiki)
Date: Wed, 28 Mar 2007 21:48:13 +0100

On 3/10/07, Thomas Leonard <address@hidden> wrote:
On 3/8/07, Mark Seaborn <address@hidden> wrote:
> To clarify, I meant the sort of trust you're referring to here.  When
> I launch gedit I want to be sure that I am getting a program that was
> signed by the public key I specified when I installed gedit,

I agree. The trust database should record which domains the key is
trusted for. Then the 'confirm trust' box can say "Note: you already
trust this key for software from" when confirming a key for

I've done a bit of work on this now. The new confirmation dialog looks
like this:

By default, the domain in which a key is trusted is currently the host
part of the feed URL. So, if you run ROX-Filer, Edit and 0compile then
you'll be asked to accept my key twice (for and
for On the second time, it will tell you that you
already trust it in the other domain.

If you want it more fine-grained, adjust "trust.domain_from_url()" to taste.

Dr Thomas Leonard     
GPG: 9242 9807 C985 3C07 44A6  8B9A AE07 8280 59A5 3CC1

reply via email to

[Prev in Thread] Current Thread [Next in Thread]