Am 27.01.2017 um 20:46 schrieb Matthias Seidel:
Am 27.01.2017 um 20:39 schrieb Marcus:
Am 27.01.2017 um 20:23 schrieb Peter Kovacs:
On 27.01.2017 20:17, Marcus wrote:
And it is crucial that the hashes and signature files *not* be
mirrored. Having them only available at dist.apache.org is the secure
way to detect that the mirror-downloaded binary is authentic and
unaltered.
right, we as OpenOffice project we should make sure that we refer only
to our own files and servers. So, I hope that there is no faulty link.
;-)
This decision would also mean we never release on Mac or Windows shop!
I think this is a fatal decision.
as long as we have no idea who should do this work, it's not really
relevant to think now about this. ;-)
Marcus
I would like to do a distribution of Apache OpenOffice to the Ubuntu
Snap Store this year.
Canonical has done this with LO, so it is no rocket science.
then it should be also no problem to store the hash files for these
files on the ASF servers.
So I would be definitely interested if that is possible/legal.
With a fist fast search I haven't seen conditions and prerequisites. So,
of course this has to be clarified.
On the other hand, as we don't store our binaries on ASF servers but on
Sourceforge, we have already a (kind of) distributed software. So, *at
the moment* I don't see that the Ubuntu Snap Store is a significant
difference.
Marcus
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@openoffice.apache.org
For additional commands, e-mail: dev-h...@openoffice.apache.org
