[I've moved this discussion to debian-policy. Please remove the CC to
debian-private when replying.]
On Tue, 16 Dec 1997, Radu Duta wrote:
> I just ran these two commands.
>
> # ls -al /var/lib/dpkg/info/*.md5sums | wc
> 93 837 8367
>
> # ls -al /var/lib/dpkg/info/*.list |wc
> 259 2331 22654
>
> If every package had a md5sum then there should be a md5sum for
> every .list file, right?
Right, but current policy does not require any package to include such a
file. The reason for this is (AFAIK) that the development of md5sum has
not been coordinated "officially" but has been implemented by a few
developers on their own.
However, as md5sum's in packages seem to make sense and a lot of people
are already using them, we should definitely discuss if we want to make
this policy.
Note, that we should probably also discuss a way to PGP sign packages.
Comments?
Thanks,
Chris
-- _,, Christian Schwarz
/ o \__ [EMAIL PROTECTED], [EMAIL PROTECTED],
! ___; [EMAIL PROTECTED], [EMAIL PROTECTED]
\ /
\\\______/ ! PGP-fp: 8F 61 EB 6D CF 23 CA D7 34 05 14 5C C8 DC 22 BA
\ / http://fatman.mathematik.tu-muenchen.de/~schwarz/
-.-.,---,-,-..---,-,-.,----.-.-
"DIE ENTE BLEIBT DRAUSSEN!"
