-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
On Donnerstag, November 28, 2002, at 09:00 Uhr, Carsten Klapp wrote:
Hi David,
Hi Carsten
I like the idea of signature verification. Better safe now than sorry
later.
I am very glad to hear that, which makes me think about this even
All,
What about an opt-in scheme where everything is signed, but users who
don't care can install it without verification. Sort of like the MD5
scheme some projects use--you verify the integrity of the software if
you worry about such things and ignore the signature if you don't.
Developers
I got phpwebstats working on my local copy of the fink site.
Does anyone mind if i check this in? Can easily turn it back if it goes
badly. :) With this (and a copy of phpwebstats in fink home) we can
actually see detailed stats for the fink site that look like
On Friday, November 29, 2002, at 05:13 PM, Xavier HUMBERT wrote:
And signing the info file is just an extra step, which can be easyly
automated. A detached signature, would add the extra bonus that info
file is not modified, thus no need to modify trhe parsing code. If
there
is a
On Monday, November 25, 2002, at 06:36 PM, Ben Hines wrote:
Anyone is welcome to check out submitted packages on the submission
tracker, even if you cant commit it, you can check the packages for
obvious things like shared library dependencies,
fink validate errors on .deb file or info file
