Playground DNF plugin
Kevin Fenzi
kevin at scrye.com
Thu Apr 24 20:27:02 UTC 2014
On Thu, 24 Apr 2014 15:55:22 +0200
Miroslav Suchý <msuchy at redhat.com> wrote:
> On 04/18/2014 06:49 PM, Kevin Fenzi wrote:
> > I'll toss out another option for folks to consider: Signed repodata.
>
> What it would solve?
>
> Unless we want to repeat history, we must place signing server on
> separate machine with very restricted network. And once you have
> this. It really does not matter what you are signing - I mean if it
> is repodata or pacakges.
Well, with repodata you could just need to sign when you compose the
playground repo. Or is the playground repo going to just include all
the existing repodata from the copr's in it?
It may indeed not help anything, I just thought I would mention it...
kevin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: not available
URL: <http://lists.fedoraproject.org/pipermail/env-and-stacks/attachments/20140424/aeec8b1d/attachment.sig>
More information about the env-and-stacks
mailing list