Danek Duvall wrote:
The structure also brings up the issue of stability order of entries, which will be necessary for catalog signing. Signing and verification could always happen on a transform of the catalog, where dictionaries are turned into lists of key/value pairs sorted by key, but given that we'll want to verify the signature every time we read the catalog (I assume), then this seems a bit expensive. Perhaps you or Bart have given some more thought to this?
I would validate the catalog only when it's extended... I am assuming that we would impose a synthetic order for manifest; catalogs would need to do the same. - Bart Bart Smaalders Solaris Kernel Performance [email protected] http://blogs.sun.com/barts "You will contribute more with mercurial than with thunderbird." _______________________________________________ pkg-discuss mailing list [email protected] http://mail.opensolaris.org/mailman/listinfo/pkg-discuss
