Jon Turney writes: > How would the signature be checked? Is it for the reconstructed full > zchunk file?
The signature should be for the full (reconstructed) file I think, the individual chunks of the changeset are locked in by SHA256 checksums anyway. > One slightly related issue which it would be good to address if > possible when adding this is that rsync is only file-atomic, not > repo-atomic, so we may get a compressed ini file and signature which > don't match as they are different moments in time during an update. I > think currently no-one notices this if it happens, as setup silently > falls back to an older compression type, but it would be nice to stop > generating those eventually. One of the things I am still thinking about is switching from the ini format to YAML. In this case the signature could/should be part of the data structure (JOSE/COSE style), so you'd only ever have to look at a single file and it wouldn't matter how you got it together. Regards, Achim. -- +<[Q+ Matrix-12 WAVE#46+305 Neuron microQkb Andromeda XTk Blofeld]>+ Factory and User Sound Singles for Waldorf rackAttack: http://Synth.Stromeko.net/Downloads.html#WaldorfSounds