On 09/04/12 17:51, Ximin Luo wrote: > - verify $TMPDIR using signatures and checksums hard-coded into the updater
Er, mis-edit here. I meant the certificate / key should be hard-coded into the updater. The signatures and checksums would obviously be part of the distribution, probably with the manifest. But after thinking about it, it's probably more flexible to let certificates / keys be a "component" of the distribution, with type "key" or something, rather than let it be hard-coded. X -- GPG: 4096R/5FBBDBCE https://github.com/infinity0 https://bitbucket.org/infinity0 https://launchpad.net/~infinity0 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 900 bytes Desc: OpenPGP digital signature URL: <https://emu.freenetproject.org/pipermail/devl/attachments/20120409/10d83774/attachment.pgp>
