Darren J Moffat wrote:
Shawn Walker wrote:
If that's ok, then sure. Obviously having the signature in the file
is preferred from a 'easier-to-verify-and-more-secure' standpoint.
Also ensures that they never get out of sync due to backup/restore
issues. Which is why for the crypto framework signing I put the
signatures inside the ELF binaries rather than as a separate file.
Yes, but ELF is a container format that makes this far easier. JSON is
not a container format so it is making my life difficult to say the
least. Especially since the JSON serializer doesn't write data in a
deterministic order.
That is, the same data loaded and written multiple times will be written
differently causing the signature to change each time.
Sigh,
--
Shawn Walker
_______________________________________________
pkg-discuss mailing list
[email protected]
http://mail.opensolaris.org/mailman/listinfo/pkg-discuss
