[
https://issues.apache.org/jira/browse/IVY-850?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12766651#action_12766651
]
Zachary Bedell commented on IVY-850:
------------------------------------
As an extension to this item, signing an ivy.xml with XML-DSIG elements could
allow for cryptographic certification of an entire ivy publication. Signing
the XML with embedded checksums would cover the artifacts without requiring JAR
signing (and also allowing non-JAR publications to be certified).
The necessary elements could fit under the xs:any allowance currently under
/ivy-module/info/ or perhaps be given their own explicit elements in the schema.
> Checksums can be defined in ivy.xml files
> -----------------------------------------
>
> Key: IVY-850
> URL: https://issues.apache.org/jira/browse/IVY-850
> Project: Ivy
> Issue Type: New Feature
> Components: Core
> Affects Versions: 2.0.0-beta-2
> Reporter: Paul Mackay
> Priority: Minor
>
> Ivy currently supports verifying files using separate checksum files present
> in the same location as the artifacts. It would also be useful to support
> defining the checksum inline as an attribute of an artifact. For some users
> this could be a preferable way to store the checksum information. It is
> something we would find useful and one other person on the mailing list
> commented that it was a good idea. There were no negative comments.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
