-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thursday 12 June 2003 18:19, Brook Humphrey wrote: > On Thursday 12 June 2003 02:50, Oden Eriksson wrote: > > torsdagen den 12 juni 2003 11.26 skrev Per �yvind Karlsen: > > > -----BEGIN PGP SIGNED MESSAGE----- > > > Hash: SHA1 > > > > > > On Thursday 12 June 2003 11:15, Oden Eriksson wrote: > > > > E: php-mhash unknown-key GPG#604AA4E4 > > > > > > why are you actually signing these packages yourself? > > > > Huh? That's what I've been told to do maybe 1,5 year ago..., has this > > policy changed? If so no one has told me about it. > > Nope I have to sign all the srpm's I send to contribs also. when uploading them yourself(not upping them to ftp.linux-mandrake.com) you should'nt sign them, as you see, noone else does this, and when people are installing your packages they'll get warnings about it because the package has both your signature and the mandrakesoft, while they have only the mandrakesoft signatures.. I used to sign them myself, but Lenny told me not to, and I guess you should'nt neither, unless there's any special reason for this..?
I'm not gonna say I'm *sure* about this, but packages are automatically signed, and rpmlint also nags about this.. - -- Regards, Per �yvind Karlsen Sintrax Solutions http://www.sintrax.net - +47 41681061 - -------------------------------------------- GPG Key: http://sintrax.net/~hawkeye/key.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (GNU/Linux) iD8DBQE+6KnJv8F7V9JOSuURAgAUAJ424n+kdHTNk0S2FgKPyn5bgfYmngCfU7VN tCu1Du4m9fPmmDC0C7w3Umg= =5SYw -----END PGP SIGNATURE-----
