----Message d'origine----
>A: [EMAIL PROTECTED]
>De: Troels Arvin <[EMAIL PROTECTED]>
>Sujet: Re: [pgadmin-hackers] 1.2.0 Gold uploaded
>Date: Wed, 01 Dec 2004 11:44:31 +0100
>
>On Wed, 01 Dec 2004 10:01:10 +0100, Troels Arvin wrote:
>
>> GPG signatures can be added to existing RPMs. See the "--addsign" rpm
>> parameter.
>
>By the way: It would be nice if Dave's signature were used, as is the case
>for the source tar-balls. Dave: Do you have RPM on your system? - Could
>you add signatures to the RPM files?
mmmh, I'm not sure it's a good solution...
How could Dave be sure that the RPMs he is signing are really the right ones
(<thinking while writing>A signed mail from Devrim with MD5s in it would
suffice for Dave</thinking while writing>). IMHO it's the packager
responsibility to sign its own work and not the project coordinator
responsibility.
Devrim, maybe you should take time to sign major releases and let snapshots
live unsigned.
Regards,
Rapha�l
---------------------------(end of broadcast)---------------------------
TIP 5: Have you checked our extensive FAQ?
http://www.postgresql.org/docs/faqs/FAQ.html
