On 8/2/06, Nigel Tao <[EMAIL PROTECTED]> wrote: > Also, there's the people-security issues of who has access (or how do > they get access) to the keys (and is that access revokable, and what > happens if somebody crucial gets hit by a bus), and what the final > master list URL is (which, as Shaun correctly mentions is part of the > API, just like the new D-Bus interface org.gnome.NewStuffManager), how > is this list hosted, and how is it updated.
You sign things with your own key and the server has a list of keys it accepts things from. it removes your signature and signs your file with it's own key. Afaik this is how Debian and etc manage package uploads. -- Travis Watkins http://www.realistanew.com _______________________________________________ desktop-devel-list mailing list [email protected] http://mail.gnome.org/mailman/listinfo/desktop-devel-list
