Dne 4.6.2010 11:32, Dag Wieers napsal(a): > Well, I am unhappy about that to a certain point. Since I am the only > person who can sign it with a key that everyone using RPMforge trusts, I > cannot allow other people to push RPM packages signed by the same key > that I haven't looked at.
I have no objections about it. But there are and were situations when we need push really quickly package update. > If we ever would go to a situation with more than one person signing, I > don't think we can do that using the same key, or even using the same > repository. Because the people giving me that trust did not have any say > in whether they trusted 5 other people. > > So for me that is already one item that is not solvable within RPMforge. > That's why it requires a new 'project', a new repository, something > people can underwrite again, that they can learn to trust. Whether it be > rpmrepo, RepoForge or both is yet to be seen. rpmrepo is like a Columbo's wife. Everybody's talking about her, no one's ever seen her. I still think we must go elRepo, Fedora way. Allow multiple commiters, reviewers, build, and signin infrastructure. David _______________________________________________ users mailing list [email protected] http://lists.rpmforge.net/mailman/listinfo/users
