On 06/19/2016 11:44 AM, Yui Hirasawa wrote: > If you sign the script and it contains say sha512sums for the things it > pulls you don't have to sign them separately. It's similiar to how many > distributions only distribute one file with all the sums that is signed.
I don't think there's no easy way for the user to verify such sums, as they would be over large file trees. (Nix would do that but at this point they don't have/trust it yet.) Perhaps if we built one big self-extracting script and signed it... if you'd like to implement that ;-) --Vladimir
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ nix-dev mailing list [email protected] http://lists.science.uu.nl/mailman/listinfo/nix-dev
