On 2015-03-04 1:10 PM, matt wrote:
use a pgp signing key with pass phrase and sign the release / packages files. ubuntu already does this.
You also need to sign the packages before uploading. You can sign the packages AND the repository. Both are done by different actors: uploader, repo manager. -- Mathieu _______________________________________________ OpenStack-operators mailing list [email protected] http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
