>>>>> On Tue, 06 Oct 2020, Frédéric Pierret wrote: >> We've already discussed it in #-qa, and I still think that this is >> over-engineered. Users can validate the distfile by the Manifest and >> its signature, so exposing the feature to users is redundant.
> IMHO, manifest verification and distfile verification are two separate > things. Before you validate and sign the Manifest, you need to fetch > (new) source and to verify it. This is not redundant at all. The eclass adds a second method of distfile verification on the user's side. So unless the feature is intended to replace digest verification on the long term (which I hope it isn't), it is redundant for users. It may be fine as an opt-in feature for developers, but I believe that enabling it by default for all users is wrong. Ulrich
signature.asc
Description: PGP signature
