On 01.07.2015 06:13 PM, Mihai Moldovan wrote: > BUT we do sign the packages with an 2048 bit RSA key. While this is > not a bad idea per se, I've read that RHEL5's rpm only supports 1024 > bit RSA or DSA keys... > > > Looks like I have to create an 1024 bit subkey, upload that to the > keyservers, put it into the Debian keyring, add it to > http://packages.x2go.org/pub.key and sign all RHEL 5 packages with > that weak one?
Created a VM and tested this hunch with one package. Looks like I was right. Will update the buildscript now and re-sign manually for now... Mihai
signature.asc
Description: OpenPGP digital signature
_______________________________________________ x2go-dev mailing list [email protected] http://lists.x2go.org/listinfo/x2go-dev
