In the rpm-ecosystem mailing list, Michael Schroeder from SUSE brought up that we don't sign the metadata for the rawhide repository <http://lists.rpm.org/pipermail/rpm-ecosystem/Week-of-Mon-20150803/000193.html> and it would be nice if it was signed so that he could be sure that the mirrors didn't "do funny things".
Is there a reason we don't sign the rawhide repodata? Forgive me for my ignorance, but do we sign repository metadata at all, and if so, how do we do it I'd like to do that for my own repos too. -- 真実はいつも一つ!/ Always, there's only one truth!
-- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
