Package: dpkg Severity: wishlist Now that we are going to start signing binary packages, entering the passphrase becomes a pain. When i built GNOME 1.4 for Progeny's newton distribution, it resulted in 400 binary packages. If i had had to sign them all with the current tools, i would have been seriously injured.
So, after talking with Ben Collins and John Goerzen, John and i implemented dpkg-signpackage as part of dpkg. It is written in C instead of an interpreted language to guarantee that we know what happens to the passphrase. That's important, since this program caches it for you. dpkg-signpackage is intended to be the interface for signing all Debian packages: source, binary, or complete. The patch modifies dpkg-buildpackage to hand the .changes to dpkg-signpackage, which signs it all. We are now uploading packages to Progeny's archive with this tool, so it has received a moderate amount of testing. I have made a tarball of the new files and a patch for the modifications to Makefiles and such to build it. If you would prefer it all to be patches i can do that instead. This patch was generated against HEAD as of today. You can find both the tarball and the patch at: http://hackers.progeny.com/~epg/dpkg-signpackage/ -- Eric Gillespie, Jr. <*> [EMAIL PROTECTED] Software Developer Progeny Linux Systems - http://progeny.com "I don't know what a Sawfish Window Manager is."
