Monday, September 22, 2008, 9:37:56 AM, Christophe David wrote: > If a recipe developer is willing to do that little extra work, a GPG > signature for the recipe would be all that is required. The > developer's public key can be made available on any key server so that > anyone could check the recipe has not be altered in any way.
> http://www.gnupg.org/ > http://getfiregpg.org/ sorry, I do not understand these tools. Is a GPG signature added to the code in a script, or does the script need to be packaged in some special container, which is signed? If it is the first, how does it prevent anyone to copy and use in their own modified script? If it is the latter than it is a considerable extra burden for publishing a recipe script. I really just want to upload updated recipe scripts, without having to bother about packages. I try even to avoid zipping things if possible. ~Hans _______________________________________________ pmwiki-users mailing list [email protected] http://www.pmichaud.com/mailman/listinfo/pmwiki-users
