Hi,
Am 02.11.2011 17:11, schrieb Robin H. Johnson:
On Wed, Nov 02, 2011 at 01:03:21PM +0100, enno+gen...@groeper-berlin.de wrote:
I followed the threads about manifest signing with interest and even had
a look at the manifest signing guide [4]. Sounds nice at first view.
But, please correct
On Thu, Nov 03, 2011 at 10:55:52PM +0100, enno+gen...@groeper-berlin.de wrote:
If it is (also) for the users, why is there no code for it in portage
anymore [3]?
Hmm, I hadn't see that removal, but it makes sense unless the entire
tree is developer-signed, which isn't likely to happen
Hello,
Am 29.09.2011 17:02, schrieb Anthony G. Basile:
Hi everyone,
The issue of Manifest signing came up in #gentoo-hardened channel ...
again. Its clearly a security issue and yet many manifests in the tree
are still not signed. Is there any chance that we can agree to reject
unsigned
On Wed, Nov 02, 2011 at 01:03:21PM +0100, enno+gen...@groeper-berlin.de wrote:
I followed the threads about manifest signing with interest and even had
a look at the manifest signing guide [4]. Sounds nice at first view.
But, please correct me, if I'm wrong. I didn't find a place where these
On 29/09/11 16:02, Anthony G. Basile wrote:
Is there any chance that we can agree to reject
unsigned manifests? Possibly a question for the Council to adjudicate?
I am happy to back a mandatory signing policy for the main gentoo-x86
tree. This is a simple yes or no question that the council
On 29-09-2011 11:02:17 -0400, Anthony G. Basile wrote:
The issue of Manifest signing came up in #gentoo-hardened channel ...
again. Its clearly a security issue and yet many manifests in the tree
are still not signed. Is there any chance that we can agree to reject
unsigned manifests?