On Thu, 27 Oct 2016 10:16:42 -0700 Zac Medico <zmed...@gentoo.org> wrote:
> Use gkeys to verify gpg signatures by default. Refresh the gentoo > snapshot signing key before signature verification, in order to ensure > that the latest revocation data is available. Add an --insecure option > which disables gpg signature verification. Warn about > man-in-the-middle attacks when the --insecure option is used. > Deprecate the pre-existing webrsync-gpg feature since it requires > manual gpg configuration. > > X-Gentoo-Bug: 597918 > X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=597918 > --- > bin/emerge-webrsync | 51 > +++++++++++++++++++++++++++++++++++++++++++++++---- > man/make.conf.5 | 6 ++++-- 2 files changed, 51 insertions(+), 6 > deletions(-) > LGTM -- Brian Dolbec <dolsen>
