On 08/22/2015 08:01 AM, Mark H Weaver wrote: > Jeff Burdges <[email protected]> writes: >> I've updated gnurl to curl 7.43.0. Appears to work, passes the curl >> tests, and has exactly the same dependencies. > [...] >> I've also uploaded gnu to https://gnunet.org/gnurl but I did not remove >> the old one because it's signed and I do not have the key to sign the >> new one. > > It would be good if the new gnurl tarball could be signed by a key that > I can authenticate, so that I can update this package in GNU Guix with > confidence. > > Christian Grothoff's key is signed by several people I know including > RMS (whose key I have authenticated in person), so if Christian could > sign it, that would be ideal.
But I did *not* create that TGZ, so it doesn't make sense for me to sign it. However, I did sign Jeff's key, so you get the same "indirect" trust in the build that you'd get if I signed a build Jeff gives to me. > Also, it would be helpful to update gnurl to curl-7.44.0 soon. After > updating gnutls to 3.4.4.1, I found that curl-7.43.0's test suite now > fails, whereas curl-7.44.0's test suite passes. I guess that can be added to Jeff's stack ;-).
signature.asc
Description: OpenPGP digital signature
_______________________________________________ GNUnet-developers mailing list [email protected] https://lists.gnu.org/mailman/listinfo/gnunet-developers
